Overview

URL libg.ml/ar/index.html
IP 141.8.224.221
ASN AS40034 Confluence Networks Inc
Location Switzerland
Report completed 2019-03-21 05:22:34 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2019-03-21 05:22:01 CET 2 Client IP  Internal IP ET INFO DNS Query for Suspicious .ml Domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-03-21 2 libg.ml/ar/index.html Phishing
2019-03-21 2 ww8.libg.ml/ Phishing
2019-03-21 2 ww8.libg.ml/ Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 141.8.224.221

Date  UQ / IDS / BL  URL  IP
2019-06-10 20:43:16 +0200  0 - 0 - 2  serviceupdate-quotamail.ml/ztt  141.8.224.221
2019-06-10 20:36:58 +0200  0 - 1 - 2  rsikckakuk.ml/IlOysTgNjFrGtHtEAwVo/index.php  141.8.224.221
2019-06-10 20:26:39 +0200  0 - 0 - 2  sombreelkontre.gq/ztt  141.8.224.221
2019-06-10 19:25:21 +0200  0 - 0 - 2  moduloseguranca.ml/recadastramento/computador (...)  141.8.224.221
2019-06-10 19:25:20 +0200  0 - 1 - 2  moduloseguranca.ml/confirmar/index.html.php  141.8.224.221
2019-06-10 19:25:06 +0200  0 - 1 - 2  douglasxxlake.cf/  141.8.224.221
2019-06-10 19:07:13 +0200  0 - 1 - 0  eghwiu.gq/  141.8.224.221
2019-06-10 18:51:09 +0200  0 - 1 - 2  exclusively.ga/  141.8.224.221
2019-06-10 18:33:57 +0200  0 - 0 - 1  paypal.com-resolve-update.cf/webapps/90f2a/home  141.8.224.221
2019-06-10 18:33:21 +0200  0 - 1 - 1  paypal.com-supports.gq/webapps/9062841/home  141.8.224.221

Last 10 reports on ASN: AS40034 Confluence Networks Inc

Date  UQ / IDS / BL  URL  IP
2019-06-18 08:49:24 +0200  0 - 0 - 1  online-sale24.com/1.js  204.11.56.48
2019-06-18 03:10:24 +0200  0 - 0 - 0  www.incolmotos.com.co/  208.91.197.91
2019-06-18 02:28:02 +0200  0 - 0 - 1  ww1.survey-smiles.com  208.91.196.145
2019-06-18 01:48:39 +0200  0 - 0 - 0  https://mds.qiesnet.org/  208.91.197.27
2019-06-18 00:01:31 +0200  0 - 0 - 0  literallyunbelievable.org/apple-touch-icon-12 (...)  209.99.40.226
2019-06-17 21:34:45 +0200  0 - 0 - 0  csrs-fers.com  199.191.50.197
2019-06-17 20:06:51 +0200  0 - 0 - 0  www.personal.argetina.com  208.91.197.46
2019-06-17 17:21:53 +0200  0 - 0 - 0  openedge.ca/  208.73.211.165
2019-06-17 14:04:59 +0200  0 - 0 - 0  https://www.orthotreatment.net/  209.99.16.217
2019-06-17 11:15:39 +0200  0 - 0 - 0  edunextstudio.com//api/mdh/circulars/trash/lo (...)  103.50.162.147

Last 10 reports on domain: libg.ml

Date  UQ / IDS / BL  URL  IP
2019-06-10 08:29:10 +0200  0 - 1 - 1  lib.monash.edu.au.libg.ml/fzn  141.8.224.221
2019-06-10 08:29:10 +0200  0 - 1 - 1  lib.monash.edu.au.libg.ml/sitemap.html  141.8.224.221
2019-06-10 08:28:01 +0200  0 - 1 - 1  lib.monash.edu.au.libg.ml/windows  141.8.224.221
2019-06-10 02:49:51 +0200  0 - 0 - 1  lib.monash.edu.au.libg.ml/xrf  141.8.224.221
2019-06-09 21:06:35 +0200  0 - 1 - 2  libg.ml/sv/index.html  141.8.224.221
2019-06-09 21:02:25 +0200  0 - 0 - 2  lib.monash.edu.au.libg.ml/de  141.8.224.221
2019-06-09 21:00:45 +0200  0 - 0 - 2  lib.monash.edu.au.libg.ml/index.php  141.8.224.221
2019-05-31 22:29:20 +0200  0 - 0 - 2  monash.edu.au.libg.ml/hbb  141.8.224.221
2019-05-30 17:26:00 +0200  0 - 1 - 2  lib.monash.edu.au.libg.ml/lff  141.8.224.221
2019-05-23 03:26:36 +0200  0 - 0 - 3  libg.ml/557  141.8.224.221


JavaScript

Executed Scripts (18)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (27)


Request Response
                                        
                                            GET /ar/index.html HTTP/1.1 
Host: libg.ml
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         141.8.224.221
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 21 Mar 2019 04:22:01 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKrfIMFkSaoTSqKmC+BrghK0CpDHc0MuVzmMHin8LIORhpXbped+iYhSnZurWnEO0zcKcVIrzp026LVc5pMB9bUCAwEAAQ==_fTQtnmqEy0Fzo/zGndJfuZ/wevyEmim/aOOymyXS6QhqB1MDvLZ8shTKG+WWEgcABF8osg7lUQ/iHJNfbPHimQ==
Content-Length: 1631
Keep-Alive: timeout=5, max=104
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text
Size:   1631
Md5:    dda386551ed5b246b67e000f51f1de4d
Sha1:   127d3632eb9927e48a2ab9f42b3a28d6095ecf38
Sha256: 32abade9189109385ef30113585cc053d1aff014ea6d36c3701af94f1f852f59

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /?ga=CexbCVTXd1TVzhOSR18l7qkFoBMEMShL%2BRYEZsRkUEhNlKfZUGByHqxLa1QzhmF3LrdIgIBBQzXvvFmOzoTh5eexEOQ5HDjX4HOsmrGU8VpqP5rRbdiLU22mPauMkNm6K1AYKUe%2BG1SEvQvz%2B38OVPW1u0tIxfKNROK8Du9aKug%3D&gerf=On3BohDiTda5bcQa%2Bu2m7KS3VsjqzCvubJ2lVO%2BSicI%3D&guro=%2B4jInOjBuDWP8klDNuetlmAh1VpYi6%2FZZudEKN4FJlzk8BrkGFAP7fhYKpWUr1mN& HTTP/1.1 
Host: libg.ml
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://libg.ml/ar/index.html
Cookie: isframesetenabled=1

                                         
                                         141.8.224.221
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 21 Mar 2019 04:22:02 GMT
Server: Apache
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Cache-Control: private, no-cache
Pragma: no-cache
Content-Length: 698
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   698
Md5:    b0bd7e90fb4e5dfc27ad8f17ed401908
Sha1:   60050d5fb7534943c4a23f29f54621d0b63a61e4
Sha256: 1b54c96845d8da347bb81198c75c8c073a0f02a3e8b1da86ae3c0f1528e09594
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: libg.ml
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: isframesetenabled=1

                                         
                                         141.8.224.221
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 21 Mar 2019 04:22:02 GMT
Server: Apache
Content-Length: 10
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   10
Md5:    6608dd3e21ca3beabd4bdfa625a0b221
Sha1:   e926d0f8694a4bc4013308afaca7af51e4c9fd9f
Sha256: c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
                                        
                                            GET / HTTP/1.1 
Host: ww8.libg.ml
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://libg.ml/?ga=CexbCVTXd1TVzhOSR18l7qkFoBMEMShL%2BRYEZsRkUEhNlKfZUGByHqxLa1QzhmF3LrdIgIBBQzXvvFmOzoTh5eexEOQ5HDjX4HOsmrGU8VpqP5rRbdiLU22mPauMkNm6K1AYKUe%2BG1SEvQvz%2B38OVPW1u0tIxfKNROK8Du9aKug%3D&gerf=On3BohDiTda5bcQa%2Bu2m7KS3VsjqzCvubJ2lVO%2BSicI%3D&guro=%2B4jInOjBuDWP8klDNuetlmAh1VpYi6%2FZZudEKN4FJlzk8BrkGFAP7fhYKpWUr1mN&

                                         
                                         68.178.213.99
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 21 Mar 2019 04:22:03 GMT
Server: Apache
Set-Cookie: COOKIE=10.22.16.235.1553142123545957; path=/ referrer=http://libg.ml/?ga=CexbCVTXd1TVzhOSR18l7qkFoBMEMShL%2BRYEZsRkUEhNlKfZUGByHqxLa1QzhmF3LrdIgIBBQzXvvFmOzoTh5eexEOQ5HDjX4HOsmrGU8VpqP5rRbdiLU22mPauMkNm6K1AYKUe%2BG1SEvQvz%2B38OVPW1u0tIxfKNROK8Du9aKug%3D&gerf=On3BohDiTda5bcQa%2Bu2m7KS3VsjqzCvubJ2lVO%2BSicI%3D&guro=%2B4jInOjBuDWP8klDNuetlmAh1VpYi6%2FZZudEKN4FJlzk8BrkGFAP7fhYKpWUr1mN&; path=/ t=e11a1eb04b9011e99e88fa163ee5b2f2; path=/ referrer=http://libg.ml/?ga=CexbCVTXd1TVzhOSR18l7qkFoBMEMShL%2BRYEZsRkUEhNlKfZUGByHqxLa1QzhmF3LrdIgIBBQzXvvFmOzoTh5eexEOQ5HDjX4HOsmrGU8VpqP5rRbdiLU22mPauMkNm6K1AYKUe%2BG1SEvQvz%2B38OVPW1u0tIxfKNROK8Du9aKug%3D&gerf=On3BohDiTda5bcQa%2Bu2m7KS3VsjqzCvubJ2lVO%2BSicI%3D&guro=%2B4jInOjBuDWP8klDNuetlmAh1VpYi6%2FZZudEKN4FJlzk8BrkGFAP7fhYKpWUr1mN&; path=/ caf_last_page_url=http://ww8.libg.ml/; path=/ caf_remotehost=10.22.16.235; path=/ caf_referrer=http://libg.ml/?ga=CexbCVTXd1TVzhOSR18l7qkFoBMEMShL%2BRYEZsRkUEhNlKfZUGByHqxLa1QzhmF3LrdIgIBBQzXvvFmOzoTh5eexEOQ5HDjX4HOsmrGU8VpqP5rRbdiLU22mPauMkNm6K1AYKUe%2BG1SEvQvz%2B38OVPW1u0tIxfKNROK8Du9aKug%3D&gerf=On3BohDiTda5bcQa%2Bu2m7KS3VsjqzCvubJ2lVO%2BSicI%3D&guro=%2B4jInOjBuDWP8klDNuetlmAh1VpYi6%2FZZudEKN4FJlzk8BrkGFAP7fhYKpWUr1mN&; path=/ caf_ipaddr=77.40.129.123; path=/ caf_geolocation=Norway; path=/ visitorxlibg.ml=1 Template--libg.ml=Simple2C; path=/ FeedProvider--libg.ml=Google; path=/
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ==_OCmYxHQLBT6jYKheX2tn9MCx74cu+1vHC0VUTLj/yHngJE4AS4+HdaWGz0I2eo8IFmPwiY5YOhE8nzPz9266gw==
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cartoon: lander-02-prod
Content-Length: 5473
Connection: close


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5473
Md5:    0118433365c2a0c734e9dfc09bd98019
Sha1:   273872261920f01d9405a3db92c78829f394ad97
Sha256: cd480b3521f6fea27c70f0eddbfbbde963481f18ab88e20fd8b24c6a40f8ec08

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 21 Mar 2019 04:22:03 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    dcd32ec546f187c1b03f70aa2996d6d2
Sha1:   45c2d4524c3a0d29cf414f2294720ad8725c88db
Sha256: b826afc38acd829b9c134b1fa7b20682d80305dcc9a33432b4f52a1a6171979e
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 21 Mar 2019 04:22:03 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=111937
Date: Thu, 21 Mar 2019 04:22:03 GMT
Etag: "5c91fc71-1d7"
Expires: Fri, 22 Mar 2019 11:27:40 GMT
Last-Modified: Wed, 20 Mar 2019 08:40:17 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    dfd374849ccdf54fe42a1d217fd86963
Sha1:   357fd1c8b77f5f12463225f0f4da5ec6ab6a5d58
Sha256: 1fe7d9c9d0c05258cec26d00c341c348f71b9c93e283449808701b2a37ad1ae1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=164809
Date: Thu, 21 Mar 2019 04:22:03 GMT
Etag: "5c92db31-1d7"
Expires: Sat, 23 Mar 2019 02:08:52 GMT
Last-Modified: Thu, 21 Mar 2019 00:30:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ea7a9a1ef34ba296cdc96cdb18ac4125
Sha1:   66bfd0529799e9d3076262938c31de724f8f71ed
Sha256: e3fb8bf93318eb0c2298a32ef7d5c3c64b91b96a7037e3a6e332e93cd745bb84
                                        
                                            POST / HTTP/1.1 
Host: s.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1754
Content-Transfer-Encoding: binary
Cache-Control: max-age=302182, public, no-transform, must-revalidate
Last-Modified: Sun, 17 Mar 2019 16:16:14 GMT
Expires: Sun, 24 Mar 2019 16:16:14 GMT
Date: Thu, 21 Mar 2019 04:22:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1754
Md5:    a15c9e9d34f9b982073586212858263f
Sha1:   fa02776a629b97ceb6fbb65ad313ae7585f0fbf4
Sha256: b184564a0dd4d7f472acc4b901cd7676e476d2748abd78d82467cb159afd5e7d
                                        
                                            GET /recaptcha/api.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         172.217.21.164
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Expires: Thu, 21 Mar 2019 04:22:03 GMT
Date: Thu, 21 Mar 2019 04:22:03 GMT
Cache-Control: private, max-age=300
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   464
Md5:    46fc99d6f6140d5735153a5067f4b5cb
Sha1:   edc88c8810ae0461e6657ef12f9bfaa101a9b0e7
Sha256: 3283a617a6b6780787502ee682d4b2a9a95f57878a0643899aecb89f9e3dee56
                                        
                                            GET /scripts/frontend.js HTTP/1.1 
Host: d24cze5sab2jwg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         143.204.51.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 3808
Connection: keep-alive
Last-Modified: Thu, 20 Sep 2018 18:12:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 20 Mar 2019 16:15:44 GMT
Etag: "0963e7d1630d93b9749f94e1a670222c"
Age: 43581
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: vspNTXywAByc9WvEl-C4NwHSXNdCzANuSLdTdvdrVItVy4Q0CbRWVg==


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   3808
Md5:    0963e7d1630d93b9749f94e1a670222c
Sha1:   36b249ecdd5bc2e23dba55f3f1d85d2bd4fc8981
Sha256: c8ae9019aaf595676d41ad16932bef3e1c31e5418adfafb43abb3d8399d425c5
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         172.217.21.164
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Thu, 21 Mar 2019 04:22:04 GMT
Expires: Thu, 21 Mar 2019 04:22:04 GMT
Cache-Control: private, max-age=3600
Etag: "16267319157718760039"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   56869
Md5:    0318da654752ba65dac9c8478a14fd7e
Sha1:   a795844a481287f15a6d73e4e39b5c0855747e52
Sha256: 0cf272af2fcf28775d6a97220ea5f60dadc3eb9276faf30e9fe539797307a3b5
                                        
                                            GET /scripts/nm_ga_bottom.js HTTP/1.1 
Host: d24cze5sab2jwg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         143.204.51.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 395
Connection: keep-alive
Last-Modified: Thu, 20 Sep 2018 18:12:30 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 20 Mar 2019 16:20:30 GMT
Etag: "1b73190474553d00cdf09a21d3e01b23"
Age: 43295
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: WVo1bDDUzoXDFeI4eTUWi6sKbij4-9nSTJmKTcUW35idG8igA14FAA==


--- Additional Info ---
Magic:  ASCII text
Size:   395
Md5:    1b73190474553d00cdf09a21d3e01b23
Sha1:   9ab005a28ccc70549bbceb07afe5b95ce87643ae
Sha256: d9b75b983115220e79e3b3bcdd6e5c29ea7f0c3df6a82acbd405baed54bd616f
                                        
                                            GET /scripts/nmads_caf_20170727.js HTTP/1.1 
Host: d24cze5sab2jwg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         143.204.51.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 1568
Connection: keep-alive
Last-Modified: Thu, 20 Sep 2018 18:12:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 20 Mar 2019 16:20:29 GMT
Etag: "adf1c9b6c49f96778479bc88bd15a515"
Age: 43296
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77bab.cloudfront.net (CloudFront)
X-Amz-Cf-Id: dbGguEMXVB1Ll8eGp59ijnhsqyodVwnpEH4ChCgLO5B3-NeVvXMQLQ==


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1568
Md5:    adf1c9b6c49f96778479bc88bd15a515
Sha1:   d2c8848e4dd7d47ff1a6b8ce8444a550055269e3
Sha256: 15e49655b52776dac5eb6a9e3ced19338b7e1a7137db37b54b03b6677f8abf91
                                        
                                            GET /scripts/cookies.js HTTP/1.1 
Host: d24cze5sab2jwg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         143.204.51.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 2606
Connection: keep-alive
Last-Modified: Thu, 20 Sep 2018 18:12:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 20 Mar 2019 16:15:44 GMT
Etag: "1759740abb448046353292a9304c3d47"
Age: 43581
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: GpaDG6VW6CFISH1CyaRDFH4kkBSiqsTz-oDDiejBJBNJF3Bvi4BaVQ==


--- Additional Info ---
Magic:  ASCII English text
Size:   2606
Md5:    1759740abb448046353292a9304c3d47
Sha1:   d722e0a78d695c55cf0d72bb35d18ef947b19e03
Sha256: 959ba69a168af591be9576b8222501fcc2c8b521abb4918fa6f4b5e275fba7b0
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 21 Mar 2019 04:22:04 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    26ec06093e243b374eb06f186e4ae10e
Sha1:   acbc0f02bd06bb10cf323ae80eae87af273cca00
Sha256: 9a012cb0e19a78bec320550e9b6aa95a1e272d0b76648bccae0a90321bc8ccf3
                                        
                                            GET /scripts/nm_ga_top_20170727.js HTTP/1.1 
Host: d24cze5sab2jwg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         143.204.51.54
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 848
Connection: keep-alive
Last-Modified: Thu, 20 Sep 2018 18:12:29 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 20 Mar 2019 16:15:44 GMT
Etag: "aa6050e3599af6a665217a0913ed2a9d"
Age: 43581
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Id: xJAl5dOMnzt5bliuMJ8fvPyRb4pTdiEtexB46H6gAult7CGqQJeOog==


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   848
Md5:    aa6050e3599af6a665217a0913ed2a9d
Sha1:   05fbb364d393f55ab194af4cf41f6e995fd1d34f
Sha256: 728f68a2acba52654d4dcda32b558e5a100de53b1d63953a75539f765fa2d180
                                        
                                            GET /recaptcha/api2/v1552285980763/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         172.217.20.35
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 92663
Date: Wed, 13 Mar 2019 18:44:04 GMT
Expires: Thu, 12 Mar 2020 18:44:04 GMT
Last-Modified: Mon, 11 Mar 2019 21:15:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 639480
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   92663
Md5:    ae1b5032187a5c70c83cd994e66bf9e8
Sha1:   240cb60d1d6e513565d0896215b74f0edf5c5832
Sha256: 8b7c5be41b97a54e4d39f939980fa5a38133670e023de63e665032a1947e82f4
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: libg.ml
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: isframesetenabled=1

                                         
                                         141.8.224.221
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 21 Mar 2019 04:22:05 GMT
Server: Apache
Content-Length: 10
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   10
Md5:    6608dd3e21ca3beabd4bdfa625a0b221
Sha1:   e926d0f8694a4bc4013308afaca7af51e4c9fd9f
Sha256: c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
                                        
                                            GET /styles/template/Simple2C_CAF.css HTTP/1.1 
Host: d24cze5sab2jwg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
                                         143.204.51.54
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 6841
Connection: keep-alive
Last-Modified: Thu, 03 Jan 2019 19:20:35 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 20 Mar 2019 20:06:38 GMT
Etag: "44221811bf07aa74a54df70102a178d5"
Age: 29731
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: iH5qkvS3PIZtdtbPqKYoCMYqIjieFVG6WyUV1IhMwIF6CZjLH4ceJw==


--- Additional Info ---
Magic:  ASCII C program text, with very long lines, with CRLF line terminators
Size:   6841
Md5:    44221811bf07aa74a54df70102a178d5
Sha1:   6f1419cd721746e707ee91753c8275be8e58cac5
Sha256: 061bf4cffc54f899a03104eb7c6be44b0718968a046f068bf1add290ba4d44f0
                                        
                                            GET /smartname/images/favicon.ico HTTP/1.1 
Host: d24cze5sab2jwg.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         143.204.51.54
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Content-Length: 3638
Connection: keep-alive
Last-Modified: Thu, 20 Sep 2018 18:12:38 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 20 Mar 2019 17:39:48 GMT
Etag: "5907e2fe1cdde2e5258fa3d42bdccaa3"
Age: 38541
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77bab.cloudfront.net (CloudFront)
X-Amz-Cf-Id: YQTkttZU2Kv0UcAnlb3hARh6zrJCrs6-Ij51oXZepazanAkGRClwjA==


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 256-colors
Size:   3638
Md5:    5907e2fe1cdde2e5258fa3d42bdccaa3
Sha1:   6dfe4b2079cfb5c664cb000948eabdf255bca292
Sha256: 7dc0ebf8083e053fae7b3c156ffce03024db01741cb47314018c61cf4f314d8b
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 21 Mar 2019 04:22:09 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    88241807d7f5381a03dc05c475431355
Sha1:   5e41c4d1362d7cd04c0201e362fb706eded60e16
Sha256: 7d56a96b465f7c0e6ce7e86c75018ecbb02af1489b7709b569fd19a945a67b9f
                                        
GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://d24cze5sab2jwg.cloudfront.net/styles/template/Simple2C_CAF.css

                                         
216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 21 Mar 2019 04:22:09 GMT
Date: Thu, 21 Mar 2019 04:22:09 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   219
Md5:    e4ccf428cc0dbbf777e6a378e755959f
Sha1:   a565a70a71162560968cd0c311f1f8df17f1607a
Sha256: 2899f96881ad6c2abf13b5fa8dfc3c63251898c68ea0c28fcf92cefb6c862984
                                        
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 21 Mar 2019 03:22:22 GMT
Expires: Thu, 21 Mar 2019 05:22:22 GMT
Last-Modified: Wed, 16 Jan 2019 20:01:45 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17168
Age: 3587
Cache-Control: public, max-age=7200


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1143997447&utmhn=ww8.libg.ml&utmcs=UTF-8&utmsr=1176x885&utmvp=1176x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=libg.ml&utmhid=1720179387&utmr=http%3A%2F%2Flibg.ml%2F%3Fga%3DCexbCVTXd1TVzhOSR18l7qkFoBMEMShL%252BRYEZsRkUEhNlKfZUGByHqxLa1QzhmF3LrdIgIBBQzXvvFmOzoTh5eexEOQ5HDjX4HOsmrGU8VpqP5rRbdiLU22mPauMkNm6K1AYKUe%252BG1SEvQvz%252B38OVPW1u0tIxfKNROK8Du9aKug%253D%26gerf%3DOn3BohDiTda5bcQa%252Bu2m7KS3VsjqzCvubJ2lVO%252BSicI%253D%26guro%3D%252B4jInOjBuDWP8klDNuetlmAh1VpYi6%252FZZudEKN4FJlzk8BrkGFAP7fhYKpWUr1mN%26&utmp=%2F&utmht=1553142129573&utmac=UA-2201473-4&utmcc=__utma%3D59792683.2095422640.1553142130.1553142130.1553142130.1%3B%2B__utmz%3D59792683.1553142130.1.1.utmcsr%3Dlibg.ml%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=750195658&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ww8.libg.ml/

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Thu, 21 Mar 2019 04:22:09 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
GET /s/lato/v14/S6uyw4BMUTPHjx4wWA.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Lato:400,700
Origin: http://ww8.libg.ml

                                         
216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 28412
Date: Fri, 08 Mar 2019 05:45:52 GMT
Expires: Sat, 07 Mar 2020 05:45:52 GMT
Last-Modified: Wed, 11 Oct 2017 18:23:15 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1118177
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  data
Size:   28412
Md5:    62fb51e9e645f63599238881b9de15dd
Sha1:   82b144e3c8b4ff40aeca34ddf7bc35985311b90e
Sha256: 5aeb07f9980663c2501c9620371e11ae7aa6e320d94dd753d0ef56d8308c74b3
                                        
GET / HTTP/1.1
Host: ww8.libg.ml
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://libg.ml/?ga=CexbCVTXd1TVzhOSR18l7qkFoBMEMShL%2BRYEZsRkUEhNlKfZUGByHqxLa1QzhmF3LrdIgIBBQzXvvFmOzoTh5eexEOQ5HDjX4HOsmrGU8VpqP5rRbdiLU22mPauMkNm6K1AYKUe%2BG1SEvQvz%2B38OVPW1u0tIxfKNROK8Du9aKug%3D&gerf=On3BohDiTda5bcQa%2Bu2m7KS3VsjqzCvubJ2lVO%2BSicI%3D&guro=%2B4jInOjBuDWP8klDNuetlmAh1VpYi6%2FZZudEKN4FJlzk8BrkGFAP7fhYKpWUr1mN&

                                         
68.178.213.99
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Location: /


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing