Report - innovators.com.pk/tibe/index.php?qbot.zip

Report Overview

Submitted URL
innovators.com.pk/tibe/index.php?qbot.zip
IP
199.188.200.196
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-15 19:24:25
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
306

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
innovators.com.pk	unknown			29 kB	889 kB	199.188.200.196
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	920 B	3.4 kB	142.250.74.10
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.164.183.116
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.1 kB	6.3 kB	142.250.74.35
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	2.4 kB	68 kB	216.58.207.195
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.249
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	963 B	104.18.32.68
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	387 B	44 kB	142.250.74.168
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:43Z	720 B	564 B	216.239.32.36
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.8 kB	74 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	1.2 kB	21 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	innovators.com.pk/wp-admin/css/color-picker.min.css?ver=6.1	Malware
2022-11-15	medium	innovators.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1	Malware
2022-11-15	medium	innovators.com.pk/wp-content/uploads/elementor/css/post-5.css?ver=1668393793	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11	Malware
2022-11-15	medium	innovators.com.pk/wp-includes/css/dashicons.min.css?ver=6.1	Malware
2022-11-15	medium	innovators.com.pk/wp-content/uploads/elementor/css/post-1417.css?ver=1668393795	Malware
2022-11-15	medium	innovators.com.pk/wp-content/uploads/elementor/css/post-823.css?ver=1668393795	Malware
2022-11-15	medium	innovators.com.pk/wp-content/uploads/elementor/css/global.css?ver=1668393794	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3	Malware
2022-11-15	medium	innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2	Malware
2022-11-15	medium	innovators.com.pk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	Malware
2022-11-15	medium	innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	Malware
2022-11-15	medium	innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js	Malware
2022-11-15	medium	innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed
2022-11-15	medium	innovators.com.pk	Sinkholed

JavaScript (33)

	URL	Size	First Seen	Last Seen
	innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1	33 kB	2023-03-08	2024-04-15
Pretty URL innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen658 Hash 48b7a16ab38005edf9c9964313ce1cd7 8b8569d937aac61fd792b6c68fca974e3cdd94ab 5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7 Loading...

	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2	21 kB	2023-03-07	2024-04-23
Pretty URL innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 15:32:39 Times Seen700 Hash 1f47dbc1f75d579e9d484a7afe98f09f 418502742405dfee45e01633662a7e2f2e974086 a2cebfe3738dbd10570bcfea24eb240323f7f03312fce23f999ecbc9fb3cc6cb Loading...

	innovators.com.pk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5	4.9 kB	2023-03-07	2024-04-26
Pretty URL innovators.com.pk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 13:31:33 Times Seen24393 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	innovators.com.pk/tibe/?qbot.zip	2.3 kB	2023-03-11	2023-03-11
Pretty URL innovators.com.pk/tibe/?qbot.zip IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash cb4e2170a2f74a6b8e1e412f7aec7d3a a307e7702ddce1425debbc5eb5b8c1a10ede3082 b96abb99a7d7bc49f1bb655662fcc47b1f48913faeae38132665cfe862f36c20 Loading...

	innovators.com.pk/tibe/?qbot.zip	5.7 kB	2023-03-11	2023-03-11
Pretty URL innovators.com.pk/tibe/?qbot.zip IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash f9cc3b20e1a6da911f531452d0653239 c91a4b1e8b2e17d2fb76db1f814f81ff4b3382f0 0c6cd35430896126f93580fb53b8ff623ddb3ae13f4421148b1a3cc125cfb11e Loading...

	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js	3.3 kB	2023-03-07	2024-04-04
Pretty URL innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:45 Last Seen2024-04-04 15:41:10 Times Seen285 Hash 04935749bae09be3cf47d205b4556d5e be608f1e68be358f0a9a589aa8c5c0a64f89b1fd 49e0f7e4312a7fad805dbcc9a52f704614d7aa6fff8c0040fb7f8b8736ff49da Loading...

	innovators.com.pk/wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0	58 kB	2023-03-07	2024-02-28
Pretty URL innovators.com.pk/wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:29 Last Seen2024-02-28 18:41:12 Times Seen184 Hash 8dee6808e5697eb7c6051f40b995dde0 21a35c6947a463bc6b8a7f1a5296af4f4e107a69 4d5799ac0e685e96c270152e54313209046f9eadd4fcbe65018a131a7b6ea76c Loading...

	innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22	13 kB	2023-03-11	2024-02-03
Pretty URL innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2024-02-03 00:07:17 Times Seen2 Hash 12ab4ff2a09517fd2c4d20cb0bd7f69e f2e030e7fa026679dd11d113dd883e501fff5877 885756c0c69f49b3b255afb01daf25b502800b13f2c0060f99c8f699247b3d27 Loading...

	innovators.com.pk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-25
Pretty URL innovators.com.pk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 21:53:57 Times Seen15501 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae	10 kB	2023-03-08	2024-04-26
Pretty URL innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-26 13:31:33 Times Seen25621 Hash 8cd696505481e74ffee89b4995f37379 ee9aad199ef2bc60a3460f4c52f37d22907b2ec9 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874 Loading...

	innovators.com.pk/tibe/?qbot.zip	1.2 kB	2023-03-11	2023-03-11
Pretty URL innovators.com.pk/tibe/?qbot.zip IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash 92801d609fbe5633625c17d53474dc04 f1ada9682f31675e8a4707e54e49cebdce886933 7f64ed35304c3878f24bf2d0fdfd4d7a6c253a378e797362c5dd3547a0bef293 Loading...

	innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2	3.2 kB	2023-03-07	2024-04-24
Pretty URL innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 13:04:53 Times Seen1128 Hash dbe4b3628220901277c0c4234475e5cb c17291130bc11a7f39ce70fe869bf82946e7be8b 10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4 Loading...

	innovators.com.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-26
Pretty URL innovators.com.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 16:08:31 Times Seen31833 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 20:35:00 Times Seen68678 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.googletagmanager.com/gtag/js?id=UA-244826791-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-244826791-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash d57629be3afb835c775b4a1cebaafa05 6bd7d1bfa28557b97f8695bcc3a829db1516b950 71e54fca2c040ed5be064effac25894e5480c146a3389d8230329328581967ab Loading...

	innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	5.0 kB	2023-03-08	2024-04-15
Pretty URL innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen647 Hash 562ad59077018eb139d1f46afd69a050 d33c188f7d0f306b8a0ede1e3b67a0edb7be8966 f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb Loading...

	innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11	2.7 kB	2023-03-07	2024-02-29
Pretty URL innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:32 Last Seen2024-02-29 20:19:25 Times Seen13 Hash 68fef03e1e671941a5eca7cbb3646698 209f0778bd97414a412db11f91e524ab914d9333 4dc1670e804c461d9c43f803e79606c5a3c161e7d47b3cd4f2df92f861c60cd5 Loading...

	innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	25 kB	2023-03-07	2024-04-26
Pretty URL innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 17:32:09 Times Seen16619 Hash 046405de007ff73e52d17dab2af75258 887cfb8a9de27005875f6e1c1d1ead43bd0865c8 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020 Loading...

	innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-26
Pretty URL innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 20:12:42 Times Seen52814 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	innovators.com.pk/tibe/?qbot.zip	316 B	2023-03-11	2023-03-11
Pretty URL innovators.com.pk/tibe/?qbot.zip IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash 49505c35f1588bb8f3845e263fb795ce 1e295a4596ca813887dec363960d57f25fca4ba1 cc015e7ea5f76d851afa0f3e80e97d509c96ca808d0aa5b43108f5440e27c04e Loading...

	innovators.com.pk/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0	3.2 kB	2023-03-07	2024-04-18
Pretty URL innovators.com.pk/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:35 Last Seen2024-04-18 12:45:31 Times Seen2021 Hash e846984437ce810e4757bb0d935e67f0 0cd5ea1fde5aceba86a2ed59e77e35eff4acd2df 7f161501494bc2f199eaf414c3104318a00e2072f272ebce45540eef58cfb08b Loading...

	innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1	40 kB	2023-03-08	2024-04-15
Pretty URL innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen724 Hash 2331d602370faa61829c8aa628996c7d e097dda010d924637e9c9f906be7653ae2d29343 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d Loading...

	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2	24 kB	2023-03-07	2024-04-22
Pretty URL innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:07 Last Seen2024-04-22 09:02:15 Times Seen459 Hash 562c414d66f85e93f2501fd62116fc39 bf3ac4a8e3f48e596491f56512fa5b974e584662 8321348efb44c9dd41d6eab7b2f4aa703fb7a60ae7092a46c2daf86230ef57f0 Loading...

	www.googletagmanager.com/gtag/js?id=G-CPGNPPWBXQ&l=dataLayer&cx=c	219 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-CPGNPPWBXQ&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash 71a41998ae2b65c591fbcf936f79a920 721d66fe6ca8011b892ced5932cc38f37a7a4b00 035718ddb07f020c13a20718728eb3024939c9468c0699d4b1988b2b004305da Loading...

	innovators.com.pk/tibe/?qbot.zip	2.1 kB	2023-03-11	2023-03-11
Pretty URL innovators.com.pk/tibe/?qbot.zip IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash ede46e91e98fc6c2a94ebdd8f975f83e fe0eb1bb1450dafd5db5bf98b6c9893d11954d1b 3c7c59fa2f035ac582b6129615d4a97c04fa53e3b183433034132f0ac9cd898d Loading...

	innovators.com.pk/tibe/?qbot.zip	302 B	2023-03-11	2023-03-11
Pretty URL innovators.com.pk/tibe/?qbot.zip IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:30:57 Last Seen2023-03-11 12:30:57 Times Seen1 Hash cd00f3fd20024ab901a4c0276d2c1c36 9f33756ef632e2a3d7419249c02c476857a75d3e 49023b604788513f3e13e7f9d962f279a7ba4810375e8afe219fa6cc542c27ff Loading...

	innovators.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1	19 kB	2023-03-07	2024-04-26
Pretty URL innovators.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 16:08:31 Times Seen38067 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	innovators.com.pk/tibe/?qbot.zip	68 B	2023-03-07	2024-04-26
Pretty URL innovators.com.pk/tibe/?qbot.zip IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 20:12:41 Times Seen22494 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11	2.0 kB	2023-03-07	2024-02-29
Pretty URL innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:32 Last Seen2024-02-29 20:19:25 Times Seen35 Hash 6eabfa160be2b13c96eb98953c3e2a5b 5e2e6061784330adf531a82814de81a2ec2ba45e 6171c12f9d06a7ff38079a6bf3dd02191bda0bff6c1c7804368d717f9365c7f6 Loading...

	innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2023-03-08	2024-04-15
Pretty URL innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen332 Hash bd7fa9b462b379ac441355772351f14e 5cc11b3af3e31e790cfa0ecf28598f9509cf9e68 4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745 Loading...

	innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-26
Pretty URL innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 15:31:29 Times Seen9815 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2	5.2 kB	2023-03-07	2024-04-23
Pretty URL innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2 IP 199.188.200.196 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-23 15:32:38 Times Seen580 Hash 930958dda0b54fccfda768b279927eed 469c65b8c85401b738fe58b71138b2239c75178f 866d4e109d45cc75283a55da524d647bfb8065a7f30ec23759aef9af3b535c71 Loading...

HTTP Transactions (100)

URL IP Response Size

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Tue, 15 Nov 2022 20:10:48 GMT
Date: Tue, 15 Nov 2022 19:24:14 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4fe5a11c3ca8a150aad830b739f24b58
898b730b1a66dd49c6f018333ba828410f63f347
2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2534
Cache-Control: max-age=143347
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:14 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 11:13:21 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 18:44:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2388
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Tue, 15 Nov 2022 22:06:47 GMT
Date: Tue, 15 Nov 2022 19:24:14 GMT
Connection: keep-alive

innovators.com.pk/tibe/index.php?qbot.zip

199.188.200.196

301 Moved Permanently

707 B

URL HTTP/1.1
innovators.com.pk/tibe/index.php?qbot.zip
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /tibe/index.php?qbot.zip HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 15 Nov 2022 19:24:14 GMT
server: LiteSpeed
location: https://innovators.com.pk/tibe/index.php?qbot.zip
x-turbo-charged-by: LiteSpeed

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 79j0ueTw55h23BpbXeZf3PWpOMUOjRU7q9bS/ZbfOI753/CW0udeRGu/KfLUIaxR5QEliSmG0CY=
x-amz-request-id: DCSH7N9Z2FNKNXX4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 18:51:41 GMT
age: 1953
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 19:24:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 2366
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
de57a2d376db743a3987c454889f1f21
0defab699bdb1b158026f93c2dd105bcd65f6764
b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=142246
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:15 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:55:01 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
22c78d7346514da43fb5498ce3eb64da
a2005f9ac5fc239443c92f4a3240cafba06a8cfa
ece0eb8a090560aa8de5c986ad6b87a75aa2f55aefe3fa5cfc733558494d7b21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 19:24:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 11:04:19 GMT
Expires: Sat, 19 Nov 2022 11:04:18 GMT
Etag: "a2005f9ac5fc239443c92f4a3240cafba06a8cfa"
Cache-Control: max-age=315002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76aa5db1ffc00b31-OSL

innovators.com.pk/tibe/index.php?qbot.zip

199.188.200.196

301 Moved Permanently

0 B

URL HTTP/2
innovators.com.pk/tibe/index.php?qbot.zip
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /tibe/index.php?qbot.zip HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://innovators.com.pk/tibe/?qbot.zip
x-litespeed-cache: hit
content-length: 0
date: Tue, 15 Nov 2022 19:24:15 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R97T9k82/47spnWzr95/4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yNun/5HGue0X+WcyoLji/6igPMI=

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.249

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5261
Expires: Tue, 15 Nov 2022 20:51:57 GMT
Date: Tue, 15 Nov 2022 19:24:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5856 bytes)
Hash
b891dd714ee24b92f59f0697dd45c2b4
8b54f502df3eb318b87ff8a3313007876752e181
d50396bc97a46452ed3af30dbfffc9fe75cf7d4ec347c0a8460d99a6affd1fb2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11e6547-de5b-41d6-a923-9194b88afaba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5856
x-amzn-requestid: b6972c46-67c1-4928-85d3-f8fe5f086449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQaYHsHoAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610f-4ad4de3440d05bce46b54ebd;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Rd662WbccpmBSTlfWbSNYkXLKRCTr3-HGg9m4S_CNQ5kqcnPalr41w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:23:46 GMT
age: 57630
etag: "8b54f502df3eb318b87ff8a3313007876752e181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfe73af-53c0-4706-a320-987a036d5df3.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13491 bytes)
Hash
11b09e0954b0c369b17157cbec3a9faa
e58d41c729265821354d74bf3ede201367c26520
10c5a9996520f504c1fd3e0b7f3d534e67e062067f5708c92ab6bea92f252653

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfe73af-53c0-4706-a320-987a036d5df3.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13491
x-amzn-requestid: c1c11381-c73e-4068-aafd-4a2e9db024f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blxEFG06IAMFk8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63722ee6-5b5137ae63a9d76c3d4d0957;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 12:04:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nch-1WcsrA2j8uYLqPgXIjUc3VD3JP7XMYS_zTPEUrPL8Uj9xx0ICg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 11:24:51 GMT
age: 28765
etag: "e58d41c729265821354d74bf3ede201367c26520"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9311 bytes)
Hash
c5f45accbd2d3551103631fa77deee8f
7295ef4c52bcea1be24b963d7ff170ef5bacf713
495e2cef9d9ebec66f1ddcf478512af7e37a301b562d7b75e5d28bb7753d2290

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594089c3-0cc3-4e41-b8df-290b4d9aa986.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9311
x-amzn-requestid: ccbd88f7-a72f-4f7c-868d-907b2dbea1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ9_UEQ4IAMFmzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d76c8-4c0b800d7bf5064346932e15;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 22:10:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bJa_vwFYVNizWkPP2aLO8cOJiMqMfZmD34-hAnOlmJ0K2OO3dghWvw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:09:42 GMT
age: 76474
etag: "7295ef4c52bcea1be24b963d7ff170ef5bacf713"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e60bbf3-9422-488d-8fc3-b942a7bc67d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12232 bytes)
Hash
a0138b29a33ea685f16770ad6511eb94
96a279ef747100ca1530629b9d9dddddeb43dfe8
f0e4dd8749367d88b12842001092cdf342fa4564ed32a84b10b675c51a698606

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e60bbf3-9422-488d-8fc3-b942a7bc67d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12232
x-amzn-requestid: 31aee9c3-a611-422b-856b-1daedb73a9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDuGTOoAMFv6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-2b9c63155d3afdcd6b1e0d64;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nCXTCDxQ4kNQrufgQqwb7SEPHmBiump67lKPmDSar-sX1F1qaXVppg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:53:54 GMT
age: 77422
etag: "96a279ef747100ca1530629b9d9dddddeb43dfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6318 bytes)
Hash
4af82634a56d0978c9b4689c8b7eb8ae
4b40ef08bd37cabfcb937053dd58012abdd6620f
476a9f850cfbe41adea1d699fdf4f04424674c53b268681fa6fc0e226bed0797

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F040363e6-40a3-4d68-bf2e-ca83ac195dcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6318
x-amzn-requestid: 6469c84d-fc45-470e-a438-2fb81dae70c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPtyHpXoAMFfWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63705ff1-53ab9291301773c048f69696;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:09:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w-ycM-G6gAU8xssl0r8gTPLLLimSjv4M5VUONl8bynl_A2EzlmXoaw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:53:51 GMT
age: 55825
etag: "4b40ef08bd37cabfcb937053dd58012abdd6620f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11316 bytes)
Hash
848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqIZqrKKIWszHFwass9Cd-GNxQ5Q9z3_2haPPGprjVDal71MQDurqw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 22:15:12 GMT
age: 76144
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2316d2d43aee9525cdb65b3eb2ff53a0
cad4229071cf919cb3471632ac4924cfd1a97431
99d5cce0549dbb29351735d3e15f9cde16b2ca18c57581c8110b2c54998fa28d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-244826791-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-244826791-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43602 bytes)
Hash
655fe3d165d3352d17e71114a44c8d7c
0d80f356e079d02a86545508c9ad859a6484d22c
a7ea8288beacf2a6039e9a45278df62e0085f5e49ae96c9daa31ead26af95c98

HTTP Headers

GET /gtag/js?id=UA-244826791-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 19:24:19 GMT
expires: Tue, 15 Nov 2022 19:24:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 15 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1

142.250.74.10

200 OK

2.6 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.6 kB (2618 bytes)
Hash
f63ebba716c0a0bd15f1ed0da72641f2
88bf6d34a6e1f9dfcfb8830c036df360b2911f66
38404d0a0556352a9f9335854921a449c052a01ae2a67c0a75d8388edd286ada

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 19:24:19 GMT
date: Tue, 15 Nov 2022 19:24:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3dc58f0dcba4ac9021f62c5c1c862e91
d67cf5a8968b75d0d6893054f5201e015be19ecc
75d4e57dc6c25d2456a7513572a97de5f1c1caead2822c8a985da9b8dfa55f89

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.2.11

199.188.200.196

200 OK

1.5 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.2.11
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.5 kB (1524 bytes)
Hash
e09c5536c2d1b5c34800367c1f2751ff
e4cd8a236a33c47d3fd3a692828271ef74b5c928
a9bf3e639ae5b234038b5d9742f85c444eaa0855601fd80b70df229bb8b52500

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/animations.css?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "3cfb-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1524
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-admin/css/color-picker.min.css?ver=6.1

199.188.200.196

200 OK

752 B

URL HTTP/2
innovators.com.pk/wp-admin/css/color-picker.min.css?ver=6.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3091)
Size
752 B (752 bytes)
Hash
882e79fbe85ac383edec7af9633e83db
76ba60a4c246c4588f462d1dbb23a69d0e325820
aada4f8c4f921864dc9c74704525fc42d2b1c337b61a171d678f06ab57c7f66f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-admin/css/color-picker.min.css?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 25 Mar 2021 02:11:08 GMT
etag: "c36-605bf13c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 752
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1

199.188.200.196

200 OK

12 kB

URL HTTP/2
innovators.com.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11601 bytes)
Hash
3f7f7fa954242b63cf5127c14417c6e5
712c7c9ea049d297e3fb27d3c805be5c5867c4d4
e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 26 Oct 2022 04:49:42 GMT
etag: "17265-6358bc66-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11601
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1

199.188.200.196

200 OK

1.7 kB

URL HTTP/2
innovators.com.pk/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6051), with no line terminators
Size
1.7 kB (1711 bytes)
Hash
cfe4870b943b2ade39a643e3a3d6d809
f1f4e04c908b19fa0a5a5b09de5b6b1dfc113f05
00f239a7fb673f1d8ab2db67b74e0bae64d103e520ee209c18e21b5bff3fb509

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/style.min.css?ver=2.6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "17a3-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1711
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/css/classic-themes.min.css?ver=1

199.188.200.196

200 OK

217 B

URL HTTP/2
innovators.com.pk/wp-includes/css/classic-themes.min.css?ver=1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
etag: "d9-63586e04-0;;;"
accept-ranges: bytes
content-length: 217
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1

199.188.200.196

200 OK

2.4 kB

URL HTTP/2
innovators.com.pk/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15672), with no line terminators
Size
2.4 kB (2418 bytes)
Hash
0c53a727a9801d2d872125ab96be97df
40616b12b4a9f2e4533f9adc6f965ca2b44581e0
8a69f47fdb908591cba1faa64f3807cbb3b82e12f0fe099c6bcbd31213f3bea9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "3d38-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2418
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1

199.188.200.196

200 OK

12 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65497)
Size
12 kB (12400 bytes)
Hash
eae4534b9e0b15aaf7ad9f3111688549
4bde4256711207e4a95c1376f0b453cd660a63d8
b9adb98eaf24ecee30ef9b280527781e217f6e3829b8e22e5a42f7f14819cfec

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "19538-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12400
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/uploads/elementor/css/post-5.css?ver=1668393793

199.188.200.196

200 OK

347 B

URL HTTP/2
innovators.com.pk/wp-content/uploads/elementor/css/post-5.css?ver=1668393793
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1209), with no line terminators
Size
347 B (347 bytes)
Hash
8ab37cc06a842b27836844a668a649e4
2e44e4c795e92e77395ec7c069afce5148e635e9
7781acd2dd225d38a1849e45ca4d88899042670d60f97217bcc4966e157fba84

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-5.css?ver=1668393793 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:13 GMT
etag: "4b9-6371ab41-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 347
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

199.188.200.196

200 OK

3.6 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19233)
Size
3.6 kB (3629 bytes)
Hash
af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
etag: "4b4f-62e7527a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11

199.188.200.196

200 OK

1.6 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6741), with no line terminators
Size
1.6 kB (1597 bytes)
Hash
987ac0c37f369d4cbe6c82c383c7585e
d780139386a62d79c4995c20af2ca06580d2adfc
0530b30bdd29edb37249f26b43d573fc6e6a8dfea25016ea2d6c2e7dd0b71bc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/style.min.css?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "1a55-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1597
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2

199.188.200.196

200 OK

1.5 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11362)
Size
1.5 kB (1505 bytes)
Hash
c4f251672b663c97ff6f30bc8d778179
e218078a120fe36bb62d4d0ef50e0e0f761cce50
a507d02d59d0e8a0aea204b3f46ed6c980319e140e10a548cd2014d5af9904cb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "2c8d-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1505
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/css/dashicons.min.css?ver=6.1

199.188.200.196

200 OK

35 kB

URL HTTP/2
innovators.com.pk/wp-includes/css/dashicons.min.css?ver=6.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (58981)
Size
35 kB (35110 bytes)
Hash
54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 04 Mar 2021 07:46:22 GMT
etag: "e688-6040904e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/uploads/elementor/css/post-1417.css?ver=1668393795

199.188.200.196

200 OK

1.2 kB

URL HTTP/2
innovators.com.pk/wp-content/uploads/elementor/css/post-1417.css?ver=1668393795
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5373)
Size
1.2 kB (1155 bytes)
Hash
e641ca5ecb4416d3667e897ca708da68
dcecae8cbddb2fa38b1f331e0102e78b03a2bb68
cd75054a0855f7b2e8a35a71c7d0c8db4daeffd6ac9e04c9473478ca0bed7e1a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-1417.css?ver=1668393795 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:15 GMT
etag: "2457-6371ab43-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1155
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/uploads/elementor/css/post-823.css?ver=1668393795

199.188.200.196

200 OK

1.2 kB

URL HTTP/2
innovators.com.pk/wp-content/uploads/elementor/css/post-823.css?ver=1668393795
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (8146), with no line terminators
Size
1.2 kB (1151 bytes)
Hash
52fa9c65f32e5cde7241162796c33ba4
d9fe9bcf060b0d8be36189aac610f40fbae3fad9
a53f275368144c439d2bb3132ef22dfc9264b811cb66b485308ece171d0dfe1d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-823.css?ver=1668393795 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:15 GMT
etag: "1fd2-6371ab43-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1151
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/uploads/elementor/css/global.css?ver=1668393794

199.188.200.196

200 OK

2.9 kB

URL HTTP/2
innovators.com.pk/wp-content/uploads/elementor/css/global.css?ver=1668393794
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (18950)
Size
2.9 kB (2893 bytes)
Hash
456aad85066fc984d3a9442b6a3c227f
d146c2c2ebe5dffc66222b57f97a4d830b6732b0
280727c9052d503f42ddc5c325b41ad833139867333cfbff21f41af2c383a2c3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1668393794 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 02:43:14 GMT
etag: "ab55-6371ab42-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2893
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3

199.188.200.196

200 OK

283 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (491)
Size
283 B (283 bytes)
Hash
453a93dc816be89f942ebb253ff199fb
01563d6019803e3ff2a94c5397e7e771ee6f440d
36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "2a5-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 283
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

199.188.200.196

200 OK

12 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57726)
Size
12 kB (12133 bytes)
Hash
f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "e238-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

199.188.200.196

200 OK

286 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (483)
Size
286 B (286 bytes)
Hash
8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "29d-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3

199.188.200.196

200 OK

284 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (489)
Size
284 B (284 bytes)
Hash
dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "2a3-60cb571c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

199.188.200.196

200 OK

30 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
etag: "15e54-6328ff50-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

199.188.200.196

200 OK

4.0 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0

199.188.200.196

200 OK

16 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (601)
Size
16 kB (15584 bytes)
Hash
545223f1972e0c33fa253ad19634598e
239a19cf7261673b59a915f0f7018e56530a32ab
15095633b71edfb16e0ea4110a089d6b70d1165c5591724c6ab19f394ca2d0e8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/scrollbar/js/jquery.nicescroll.min.js?ver=1.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Nov 2022 19:25:02 GMT
etag: "e27f-636ea18e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15584
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css

199.188.200.196

200 OK

12 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (55566)
Size
12 kB (11711 bytes)
Hash
4f55b569c93d063120210a6859cab84a
8c1065b740ae27bb5d9e71a308433b2547f68b9b
b3a66914862beaeab2e9c1a6c65066ea6ed7bcc6162c4c640ee45d5078717df4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "d9c7-636b4e99-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11711
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css

199.188.200.196

200 OK

3.3 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (29344)
Size
3.3 kB (3332 bytes)
Hash
18cdf27faab4d75628e8fc27617ee12a
0d16e18ed0ffadc6ae04146ba8e0ad098c0f27d7
b4dba1d530655d63b23d305d935fc07e3d4da5050139efa333f1b316e9958bfa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "72cb-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3332
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css

199.188.200.196

200 OK

4.0 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (26440)
Size
4.0 kB (3950 bytes)
Hash
a2e2887e666bfc0b5029000ea6baa077
b081b105977789d47a9195f3d5b7b1f8c6417746
f43840e5ec035343b73d070304d320677d7f92e278ede50e36878c1617d881bb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "6801-636b4e99-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3950
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css

199.188.200.196

200 OK

906 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11736)
Size
906 B (906 bytes)
Hash
dfa4e3add9f185eaf959509b12a3f2f2
e9fcec09acb8cb18203b3c9c4133ab808576df38
060ede880f21b0bfe96d2e2b5f36606cef794e7e8814d1baf877c4868eca8a43

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "2dff-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22

199.188.200.196

200 OK

2.7 kB

URL HTTP/2
innovators.com.pk/wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
2.7 kB (2715 bytes)
Hash
5b0423ee3d18d6b3a6b3df15890e97f2
fc3a62e6840a9e8e8516118aceb024dcefabcd76
75a12619fcc5e0934ba7964ab9fd3a2771122bbff2850510534752f5cc3ce2ab

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/ac_assets/ue-side-menu/menu.js?ver=1.5.22 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 07:06:09 GMT
etag: "332b-636b5161-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2715
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/dynamic-visibility.min.css?ver=2.2.11

199.188.200.196

200 OK

419 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/css/dynamic-visibility.min.css?ver=2.2.11
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1241), with no line terminators
Size
419 B (419 bytes)
Hash
2f8fea788439d39172aea491242a1687
f90dc1e2cabea8304a4589c2214b4af74e86e31e
f17f5f232d0fbbc8d9a7ea32759357769b7a16cbd2225f0fadb22b2959357085

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/dynamic-content-for-elementor/assets/css/dynamic-visibility.min.css?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 09:51:26 GMT
etag: "4d9-63720f9e-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 419
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

199.188.200.196

200 OK

6.9 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (25115)
Size
6.9 kB (6935 bytes)
Hash
e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "6272-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0

199.188.200.196

200 OK

953 B

URL HTTP/2
innovators.com.pk/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3164), with no line terminators
Size
953 B (953 bytes)
Hash
4a7d773f90facef221a9cfa11bdb2973
5ecb3100b641b2af7f7d56533a14b23fcaf15787
0fe42ed1de09f98dd0cc32f562d016a8d9cc13fcd0a0d407a11a66714c999fca

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:14:30 GMT
etag: "c5c-636b4546-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 953
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1

199.188.200.196

200 OK

2.0 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4918)
Size
2.0 kB (2044 bytes)
Hash
918938b0ee6977d6506f2e0fa248bd66
292ba27818bec580f76945b53fee4ff6cddcb2c2
a1da723cfdb1f8ea57aa7278637d07a83f39ff410dfbba24d8205882a110444e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "135d-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2

199.188.200.196

200 OK

2.2 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5141)
Size
2.2 kB (2194 bytes)
Hash
caa07ca905fef1976a5a6053956f1205
86ba279cf3cb9c5f506a831c380cb9881fac0bc6
ace878313ba51c13c8d6b5debfe37f4cdd2bb8ea0019ac03cddca95c7b34c1c2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "1440-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2194
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1

199.188.200.196

200 OK

10 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (32907)
Size
10 kB (10425 bytes)
Hash
72fd7d7a61961996172a081cb3eed6cb
7f6d4dc14ef08153606c57d374fd50b685ba383d
757fe1355fa4c3eed3c286520c6af9d344ab9d15a78d8d54a17e7573f866b9be

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "80b3-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10425
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

199.188.200.196

200 OK

2.4 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
etag: "194b-62549ee6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5

199.188.200.196

200 OK

1.6 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4875)
Size
1.6 kB (1575 bytes)
Hash
06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
etag: "132e-62549ee6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

199.188.200.196

200 OK

6.3 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.3 kB (6335 bytes)
Hash
fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Sep 2022 01:13:30 GMT
etag: "459f-632a653a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

199.188.200.196

200 OK

2.9 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (12198), with no line terminators
Size
2.9 kB (2867 bytes)
Hash
869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Jan 2017 21:35:32 GMT
etag: "2fa6-5876a524-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae

199.188.200.196

200 OK

3.7 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
3.7 kB (3717 bytes)
Hash
f7acc55c5b34188d3e66c5f2ecf3ba80
802270f7a221e406af63d622d364b119d912c15b
826c4e13764f5bf1bd0a17f2e693d943f8605df1024815f67f43694f4338b713

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
etag: "27f6-632e94ca-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

199.188.200.196

200 OK

6.8 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.8 kB (6800 bytes)
Hash
3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
etag: "53c0-632e94ca-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2

199.188.200.196

200 OK

5.4 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (21164)
Size
5.4 kB (5442 bytes)
Hash
caa94b71279d7791ccb0e467f86bc193
fda95846a1727a8e4e1591a7d78846578234159d
87acb46da9dd7afe173d9fbb47125ed8bb03559b11184cf34a9722614a3deba0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "52d7-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5442
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1

199.188.200.196

200 OK

12 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (40474)
Size
12 kB (11702 bytes)
Hash
cf45d3e8044770ba8eabf3833e30fdbe
90f787b69fa2f83b87c28f3caa67985b04b333bd
c83321c916d9ca392150cf727108c0927ce9394be70e9b08920cff666f823fb4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "9e41-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11702
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2

199.188.200.196

200 OK

5.3 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (24339)
Size
5.3 kB (5293 bytes)
Hash
01a40aed2973cdba31c9381507f66b09
303adcf7a91bd4137dbb27dd4b274bcae3272aec
11a1b8d084703cc507f7cb7e167baabe24d3f93918e7815a0f24b4df34046296

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "5f3e-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5293
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2

199.188.200.196

200 OK

1.3 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3235)
Size
1.3 kB (1254 bytes)
Hash
91194abbabb66c22700e71f20e1e6044
38c55fe048913b6bb019340944be577d045c42cc
cd144b8d1080b1c8e61c85a9357fea64c7b5be3ccbcef5c8f5301fab8eab999a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "ca4-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1254
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11

199.188.200.196

200 OK

274 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1953), with no line terminators
Size
274 B (274 bytes)
Hash
62f15dd5ac87f919a337d91c703ebad7
b954316dbc3cadbfc3ac2d893a09db4fde8d45fd
c2a33cb754f82f14ff0e3ee74107997f14694482a313324d028afa82b2d4eaed

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/dynamic-content-for-elementor/assets/js/fix-background-loop.min.js?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 14 Nov 2022 09:51:25 GMT
etag: "7a1-63720f9d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 274
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11

199.188.200.196

200 OK

815 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (531)
Size
815 B (815 bytes)
Hash
37bebd05775766e2d0ef325c9e7900e2
6a6b2e41a298cf6eadae24572416ecbcb50fdb5d
324a6ba7d7a052ff1f59eff33885b75082642e8de42fcf457b06a278229d1b51

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/dynamic-content-for-elementor/assets/js/settings.min.js?ver=2.2.11 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Mon, 14 Nov 2022 09:51:25 GMT
etag: "a8e-63720f9d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 815
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1

199.188.200.196

200 OK

4.6 kB

URL HTTP/2
innovators.com.pk/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:19 GMT
content-type: application/x-javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
etag: "48b9-62559a20-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Tue, 15 Nov 2022 19:24:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 520231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 14:07:32 GMT
expires: Thu, 09 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 537408
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 517812
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:31:05 GMT
expires: Thu, 09 Nov 2023 19:31:05 GMT
cache-control: public, max-age=31536000
age: 517995
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:48:50 GMT
expires: Thu, 09 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 509730
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 19:24:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0

199.188.200.196

200 OK

93 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Size
93 kB (93372 bytes)
Hash
aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Mon, 01 Aug 2022 04:11:38 GMT
etag: "16cbc-62e7527a-0;;;"
accept-ranges: bytes
content-length: 93372
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

199.188.200.196

200 OK

13 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size
13 kB (13276 bytes)
Hash
f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "33dc-60cb571c-0;;;"
accept-ranges: bytes
content-length: 13276
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

199.188.200.196

200 OK

77 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "12bdc-60cb571c-0;;;"
accept-ranges: bytes
content-length: 76764
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2

199.188.200.196

200 OK

78 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Size
78 kB (78196 bytes)
Hash
e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Thu, 17 Jun 2021 14:07:24 GMT
etag: "13174-60cb571c-0;;;"
accept-ranges: bytes
content-length: 78196
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2

199.188.200.196

200 OK

14 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 13580, version 329.-1049\012- data
Size
14 kB (13580 bytes)
Hash
e07d9e40b26048d9abe2ef966cd6e263
c744217caa82b3245cffa2714aaf2ec9f749614d
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-regular-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "350c-636b4e99-0;;;"
accept-ranges: bytes
content-length: 13580
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2

199.188.200.196

200 OK

75 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Size
75 kB (75440 bytes)
Hash
b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-solid-900.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "126b0-636b4e99-0;;;"
accept-ranges: bytes
content-length: 75440
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2

199.188.200.196

200 OK

74 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 74508, version 329.-1049\012- data
Size
74 kB (74508 bytes)
Hash
7559b3774a0625e8ca6c0160f8f6cfd8
a403af3337e6207d144b998b9c3bed439af562a9
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fa-brands-400.woff2 HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://innovators.com.pk/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/font-woff2
last-modified: Wed, 09 Nov 2022 06:54:17 GMT
etag: "1230c-636b4e99-0;;;"
accept-ranges: bytes
content-length: 74508
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js

199.188.200.196

200 OK

1.2 kB

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3262)
Size
1.2 kB (1173 bytes)
Hash
38771e556abbb38b6c8c9e69eab9610a
c99a3a108bb53142b8cdcb759e0311c880e94128
dfdb679b3a296294e582ab8dde42a44f26abaa0dfb6f84817b3e7bf7ce16bd0a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/x-javascript
last-modified: Wed, 09 Nov 2022 06:17:48 GMT
etag: "ce9-636b460c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1173
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

199.188.200.196

200 OK

599 B

URL HTTP/2
innovators.com.pk/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1320)
Size
599 B (599 bytes)
Hash
b59e163b50b8e62a7e08b4ce88241b48
4f45b1e9e0270133c35c43a1a33d5b2d292b8693
73ba293d6c6c5c89f37eb310eead199d2a7268ada96c881f41ec8ca5b7f693bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: application/x-javascript
last-modified: Sun, 13 Nov 2022 18:59:50 GMT
etag: "54f-63713ea6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 599
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

innovators.com.pk/wp-content/uploads/2022/11/innovators-logo.png

199.188.200.196

200 OK

194 kB

URL HTTP/2
innovators.com.pk/wp-content/uploads/2022/11/innovators-logo.png
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1247 x 279, 8-bit/color RGBA, non-interlaced\012- data
Size
194 kB (194224 bytes)
Hash
0f5600b12eb460644ec307ae9e0f5b63
40e73e69c6b1a776964e09a462461b9c5780cc59
d690ac8e923b2b897a69ef2efa0a4d49f906f22722f73cfc80f5894d26f80164

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/11/innovators-logo.png HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 15 Nov 2023 19:24:20 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 14:09:49 GMT
etag: "2f6b0-636e57ad-0;;;"
accept-ranges: bytes
content-length: 194224
date: Tue, 15 Nov 2022 19:24:20 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 18:41:09 GMT
expires: Tue, 15 Nov 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 2592
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-CPGNPPWBXQ&gtm=2oeb90&_p=1402242030&gdid=dZTNiMT&cid=1474749763.1668540260&ul=en-us&sr=1280x1024&_s=1&sid=1668540260&sct=1&seg=0&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-CPGNPPWBXQ&gtm=2oeb90&_p=1402242030&gdid=dZTNiMT&cid=1474749763.1668540260&ul=en-us&sr=1280x1024&_s=1&sid=1668540260&sct=1&seg=0&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-CPGNPPWBXQ&gtm=2oeb90&_p=1402242030&gdid=dZTNiMT&cid=1474749763.1668540260&ul=en-us&sr=1280x1024&_s=1&sid=1668540260&sct=1&seg=0&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://innovators.com.pk
date: Tue, 15 Nov 2022 19:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1402242030&t=pageview&_s=1&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAACAAI~&jid=565956632&gjid=1703569146&cid=1474749763.1668540260&tid=UA-244826791-1&_gid=538220887.1668540261&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=943193482

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1402242030&t=pageview&_s=1&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAACAAI~&jid=565956632&gjid=1703569146&cid=1474749763.1668540260&tid=UA-244826791-1&_gid=538220887.1668540261&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=943193482
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&aip=1&a=1402242030&t=pageview&_s=1&dl=https%3A%2F%2Finnovators.com.pk%2Ftibe%2F%3Fqbot.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Freelancing%20by%20Innovators&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACUABBAAAACAAI~&jid=565956632&gjid=1703569146&cid=1474749763.1668540260&tid=UA-244826791-1&_gid=538220887.1668540261&_r=1&gtm=2oub90&did=dZTNiMT&gdid=dZTNiMT&z=943193482 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://innovators.com.pk
Connection: keep-alive
Referer: https://innovators.com.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://innovators.com.pk
date: Tue, 15 Nov 2022 19:24:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

innovators.com.pk/favicon.ico

199.188.200.196

404 Not Found

1.2 kB

URL HTTP/2
innovators.com.pk/favicon.ico
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://innovators.com.pk/tibe/?qbot.zip
Connection: keep-alive
Cookie: _ga_CPGNPPWBXQ=GS1.1.1668540260.1.0.1668540260.0.0.0; _ga=GA1.1.1474749763.1668540260
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 15 Nov 2022 19:24:21 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7982 bytes)
Hash
508368e91f7702272c5610f905e4204b
0d61ccdb959e45368a9f6ada26679974374d81a2
bd3b3d55264bccbbf647577e3f93c35dd56840967713fcb948e67426c8a71b38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9b23464-6c45-4e45-acd1-ac75bde164c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 35753773-2e2d-4def-a9ef-6224343d62e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bklm8E9qoAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b62c-46372f151eb5ba9f0f5ec3a0;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:29:48 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T8ocx27r2N_V74-jyk23ATbGtw9TJBqSRB0MK0Kahre8ESS5kM_9lQ==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 77821
etag: "0d61ccdb959e45368a9f6ada26679974374d81a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

innovators.com.pk/tibe/?qbot.zip

199.188.200.196

404 Not Found

0 B

URL HTTP/2
innovators.com.pk/tibe/?qbot.zip
IP
199.188.200.196:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /tibe/?qbot.zip HTTP/1.1
Host: innovators.com.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://innovators.com.pk/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 1f1_HTTP.404,1f1_404,1f1_URL.fbdf658f78b70839ededf2b6e2927e36,1f1_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 19:24:18 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations