Report - www.libramg.com/career/

Report Overview

Submitted URL
www.libramg.com/career/
IP
162.241.218.142
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-11-23 15:44:26
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.libramg.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.6 kB	320 kB	162.241.218.142
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	290 B	20 kB	142.250.74.174
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	164 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	1.2 kB	142.250.74.164
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.13.69.101
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	1.3 kB	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	63 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-23	medium	www.libramg.com/career/	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/style.css?ver=1.0	Malware
2022-11-23	medium	www.libramg.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/css/animate.css?ver=1.0	Malware
2022-11-23	medium	www.libramg.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/css/prettyPhoto.css?ver=1.0	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/js/jquery.prettyPhoto.js?ver=1.0.0	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/js/wow.js?ver=1.0.0	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/js/scripts.js?ver=1.0.0	Malware
2022-11-23	medium	www.libramg.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-11-23	medium	www.libramg.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6	Malware
2022-11-23	medium	www.libramg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7	Malware
2022-11-23	medium	www.libramg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Malware
2022-11-23	medium	www.libramg.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2	Malware
2022-11-23	medium	www.libramg.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2	Malware
2022-11-23	medium	www.libramg.com/wp-includes/js/wp-embed.min.js?ver=5.8.6	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/js/bootstrap.min.js?ver=1.0.0	Malware
2022-11-23	medium	www.libramg.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2	Malware
2022-11-23	medium	www.libramg.com/wp-content/themes/libramg/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	www.libramg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7	6.4 kB	2023-03-07	2024-04-25
Pretty URL www.libramg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:55 Last Seen2024-04-25 08:07:38 Times Seen3662 Hash 8fe2803a01c9fa77cb1a2618c3552dce 2230dd8f0604e4328e7c2a3f9437a6bf2986f592 e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	www.libramg.com/career/	2.1 kB	2023-03-11	2023-03-11
Pretty URL www.libramg.com/career/ IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash 1261b2715184be0266ae21132297ddc8 50dfb9b7821d52d7a17c9e6e6ade6239a534c1b9 89f9c0554754bc96d1a5cf07faf8a475230211fc38a12f614109056bcc0f1165 Loading...

	www.libramg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL www.libramg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 12:50:40 Times Seen68622 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.libramg.com/wp-content/themes/libramg/js/jquery.prettyPhoto.js?ver=1.0.0	22 kB	2023-03-11	2023-03-11
Pretty URL www.libramg.com/wp-content/themes/libramg/js/jquery.prettyPhoto.js?ver=1.0.0 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash 18d5c50ffe352181416bfbc4902e68ba 83b2561daac3a0c2913b6b8f3b913ff2039f8641 228ccc94c985aec9c1159f8651950ed3d7f351c598ff4c3c8cd2e90a0214997c Loading...

	www.libramg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	16 kB	2023-03-07	2024-04-25
Pretty URL www.libramg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-25 08:07:38 Times Seen1694 Hash 38400d9c6ba7d41239fccfaa9f523558 fe9a1548961441ce82e5399444f2be5408d2644c 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b Loading...

	www.libramg.com/wp-includes/js/wp-embed.min.js?ver=5.8.6	1.4 kB	2023-03-07	2024-04-25
Pretty URL www.libramg.com/wp-includes/js/wp-embed.min.js?ver=5.8.6 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 08:07:38 Times Seen6876 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&co=aHR0cDovL3d3dy5saWJyYW1nLmNvbTo4MA..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pbfblnb72q7q	69 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&co=aHR0cDovL3d3dy5saWJyYW1nLmNvbTo4MA..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pbfblnb72q7q IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 13:55:48 Times Seen99482 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.libramg.com/wp-content/themes/libramg/js/wow.js?ver=1.0.0	16 kB	2023-03-11	2023-03-11
Pretty URL www.libramg.com/wp-content/themes/libramg/js/wow.js?ver=1.0.0 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash 29725c2a9a94521616b5230b6c992349 7b3c0e3be4b9bb395fe7963f0c42d45f9a1a7394 ccd5a104403be024a4c13e7d52af74c30e4f9165818407ab084de0c8e57dd8a1 Loading...

	www.libramg.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-25
Pretty URL www.libramg.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 09:54:53 Times Seen31826 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.libramg.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6	18 kB	2023-03-07	2024-04-25
Pretty URL www.libramg.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 11:55:37 Times Seen12594 Hash 116c86c56f8db0bb63f15ceda50fdc98 75e308982ecf7cd43644b8b426e6aa1a0b0fbe26 def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Loading...

	www.libramg.com/wp-content/themes/libramg/js/bootstrap.min.js?ver=1.0.0	38 kB	2023-03-11	2023-03-11
Pretty URL www.libramg.com/wp-content/themes/libramg/js/bootstrap.min.js?ver=1.0.0 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash bea1a3daf665e3a9433e0074079bb17c b7b5968dfe80b2dc7d6e885083637ad3c33e5425 1c28b10020472371704fd0ab417bc06bd29b1a4be85576189bc4414892658976 Loading...

	www.libramg.com/wp-content/themes/libramg/js/scripts.js?ver=1.0.0	2.3 kB	2023-03-11	2023-03-11
Pretty URL www.libramg.com/wp-content/themes/libramg/js/scripts.js?ver=1.0.0 IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash bea040ff9f3d4f082a91ae1d6179ae02 28c216724d5ae4fb4a7a6779e28bcd3de3a33d8a 993fff3a581b8348c3b2826d101735db7421a4f053139cca351da9acafa6753c Loading...

	www.libramg.com/career/	167 B	2023-03-11	2023-03-11
Pretty URL www.libramg.com/career/ IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash dd537ebd79127725d6dbcc306b864298 b3d96978b58945f0808e5576f412cb494e1b0b17 a56edc82097976dd9776a40b1cda3c5eca0eae58a680dea69e1569cfef12612a Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&co=aHR0cDovL3d3dy5saWJyYW1nLmNvbTo4MA..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pbfblnb72q7q	35 kB	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&co=aHR0cDovL3d3dy5saWJyYW1nLmNvbTo4MA..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=pbfblnb72q7q IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash 754de8f4ef28a19cb4f2fe44225de2d5 e6caf993be1ab6589d5615bc15a07252ba262824 7771b8a76e2ba250e125362b8e6bad91e57be18dbb4a367aa13d0d988262994b Loading...

	www.libramg.com/career/	129 B	2023-03-11	2023-03-11
Pretty URL www.libramg.com/career/ IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash ba59da4ed1b3b03b2b8ddf4e64748e47 f42319e111a060aa2461af941d1d3b8240e28b6a 03b34312f5e83e0681d18351b86b781692c4f74fdd5ffe35d02ebe9b38c361ed Loading...

	www.google.com/recaptcha/api.js?render=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&ver=3.0	884 B	2023-03-11	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&ver=3.0 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash 8614229d93e5e3d8780bbcb612f9d0c5 ee9895743f8ba5b98a8c1713cf01b5b09a734799 5d01f61ecc2da6f4b97240b3fcb7f2e0c49663271a1ea4761a6b191fec8ea644 Loading...

	www.libramg.com/career/	388 B	2023-03-11	2023-03-11
Pretty URL www.libramg.com/career/ IP 162.241.218.142 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash 56d310c3bca290fc44c0e65a9f6b33d1 3e7db4a7a467ae8badab4f2222df0c479fecd86b 5b687841a181772d9b1e20de59bbed7852915ef15100d376a29b95f644a80bfc Loading...

		Size	First Seen	Last Seen
	#1 Eval - d5d5ec7bc74f9844c4e903b3fc2cf4c3	16 kB	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen8 Hash d5d5ec7bc74f9844c4e903b3fc2cf4c3 b979b6f1b379c1baab62232d11b97b8b81d04d7e a6ea689f7d9dad611f9b9128b7a88274629505eea048bdc0bfcf03552fec5d36 Loading...

	#2 Eval - 0444c5f145d2d3e57d22276906d31ed3	17 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 16:22:07 Last Seen2023-03-11 16:22:07 Times Seen1 Hash 0444c5f145d2d3e57d22276906d31ed3 59911ad4ae930cca4f21ddb8ea5f4a31b3877447 fb94c9f933b9c45fc0887b4dbc5da3045c9ad94a86668581a72e050852fed8bf Loading...

	#3 Eval - 40e897993bc34139909f84b8edde50ae	22 B	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen8 Hash 40e897993bc34139909f84b8edde50ae 5799d143ea010ef9492560599de8933c46f99ab5 1bb4b16c7de163ff866b60976156d8c769e3cd8f2b5bdea3c85e854c986003d6 Loading...

	#4 Eval - 117baf149bb678779e2683e5d5d49c64	62 B	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen9 Hash 117baf149bb678779e2683e5d5d49c64 a30fde40b2ed16853375dddcd25e51949ffb28a5 656ddb7093a608f140df5a991c579e27ad31e247a6ded28fa406e948965cf12a Loading...

	#5 Eval - 1d703c047033349b6491aaf4f23b1434	22 B	2023-03-08	2023-05-14
Pretty Observations First Seen2023-03-08 20:11:46 Last Seen2023-05-14 04:54:44 Times Seen9 Hash 1d703c047033349b6491aaf4f23b1434 1ba0b07cc847dff06a3711415664ac26d989c12f 96bc32102142a2b26979b51faca0349f415898ceeba6ca594e7498b337aa0808 Loading...

HTTP Transactions (63)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2474
Expires: Wed, 23 Nov 2022 16:25:29 GMT
Date: Wed, 23 Nov 2022 15:44:15 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2807
Cache-Control: max-age=156828
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:15 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:18:03 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 15:17:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1627
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Wed, 23 Nov 2022 16:24:17 GMT
Date: Wed, 23 Nov 2022 15:44:15 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: x15MV+gc6PiDJjqkOkgXdkAKLwis/K6EpmAJqJVHi/yPBrHAfCceiSCEvDPFqqkU3kiIQxf8rgo=
x-amz-request-id: F8MNGVXX7Y03Y8C3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 15:43:02 GMT
age: 73
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.libramg.com/career/

162.241.218.142

200 OK

5.1 kB

URL HTTP/1.1
www.libramg.com/career/
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Size
5.1 kB (5064 bytes)
Hash
3522cedfb9313015251aa6ea6bfe7456
01cb363b57bfc8f40537de5a8db59d9852072df2
293158f457750061c21b0b7dde65a173a111c653c4cf3c8b2787553927fc03d4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /career/ HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:14 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 5064
Link: <https://www.libramg.com/wp-json/>; rel="https://api.w.org/", <https://www.libramg.com/wp-json/wp/v2/pages/261>; rel="alternate"; type="application/json", <https://www.libramg.com/?p=261>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Server-Cache: true
X-Proxy-Cache: MISS

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 15:44:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&ver=3.0

142.250.74.164

200 OK

584 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&ver=3.0
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
584 B (584 bytes)
Hash
0fe5b7b8f3c5bffc10ba7a540160fa16
b368f3d3e008f1e7301e7b36687ccc019c375772
916461cc818b520c5f93d74219a890601d37b6ea6fcfca47b450fe163d9a4f7b

HTTP Headers

GET /recaptcha/api.js?render=6LfGdmkaAAAAADCOu2UERWLMT5tpH_QJyi45R4AP&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.libramg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Wed, 23 Nov 2022 15:44:16 GMT
date: Wed, 23 Nov 2022 15:44:16 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.libramg.com/wp-content/themes/libramg/style.css?ver=1.0

162.241.218.142

200 OK

5.0 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/style.css?ver=1.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
assembler source, ASCII text
Size
5.0 kB (4978 bytes)
Hash
fdb0854bed43aa5ed32af7afba5afcf8
0ff39962d6db0a0fbec1e6fc3a29df3a757e3106
9c9b6bd8385ca808993ce88f2e6888fdadffa51134b7f20101e4c03ebb878ad8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/style.css?ver=1.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 08 Mar 2021 18:27:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4978
Content-Type: text/css

www.libramg.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6

162.241.218.142

200 OK

15 kB

URL HTTP/1.1
www.libramg.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (33376)
Size
15 kB (14560 bytes)
Hash
6ebc7a4d773cb1f29a93f605933fba76
b113ca39afc5fd44cbc06dca58945bb5e9fb771e
7a12133f8cb48c1b5b4631ee9e9a0eebe36bbf2bbe1eb792b0f9fc630c18bd76

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 21 Jul 2021 18:56:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 14560
Content-Type: text/css

www.libramg.com/wp-content/themes/libramg/css/font-awesome.css?ver=1.0

162.241.218.142

200 OK

7.5 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/css/font-awesome.css?ver=1.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
7.5 kB (7524 bytes)
Hash
425b9c5bb524774d7f30160c36771785
af60c1059fb990e6e86ff744f9c286e78f9966e8
a1dfafaf50ffe1e3996576f74f6e0e9dccee46d19aaf562fbe6e5575171b8062

HTTP Headers

GET /wp-content/themes/libramg/css/font-awesome.css?ver=1.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sat, 30 Jan 2021 07:36:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 7524
Content-Type: text/css

www.libramg.com/wp-content/themes/libramg/css/animate.css?ver=1.0

162.241.218.142

200 OK

7.1 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/css/animate.css?ver=1.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
7.1 kB (7114 bytes)
Hash
2e3e181ba09aeef1598179afb032952b
0628d62595a6ba3ebcd6140bbaad6e171bd82240
a6ba0f79e8f4e59774bbd380cbfa624208b960c7cb11a8d76bc4f9b8566a8c1c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/css/animate.css?ver=1.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sat, 30 Jan 2021 07:36:41 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 7114
Content-Type: text/css

www.libramg.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2

162.241.218.142

409 Conflict

83 B

URL HTTP/1.1
www.libramg.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 409 Conflict
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.libramg.com/wp-content/themes/libramg/css/bootstrap.css?ver=1.0

162.241.218.142

200 OK

28 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/css/bootstrap.css?ver=1.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
assembler source, ASCII text, with very long lines (318)
Size
28 kB (28136 bytes)
Hash
788a781bdce651d4fb1d2aa70d0f5aae
08101dec3b05a12bfa4ee1707ca9da526428aa38
a0413505cc088ece1c84f0219f4838a65994b084ff3f6e4e58ba1110262bffa2

HTTP Headers

GET /wp-content/themes/libramg/css/bootstrap.css?ver=1.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 22 Feb 2021 16:42:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Transfer-Encoding: chunked
Content-Type: text/css

www.libramg.com/wp-content/themes/libramg/css/prettyPhoto.css?ver=1.0

162.241.218.142

200 OK

4.1 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/css/prettyPhoto.css?ver=1.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (402)
Size
4.1 kB (4053 bytes)
Hash
8839b97d74b3f8c5f2c53cd9aae184a2
72788dec9c8948091ebdcad6d31314f95df1ccc2
8c817e88367d9768aaf2a8a5e840a5872c879f480ffddf1ca8a898bb591eb124

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/css/prettyPhoto.css?ver=1.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Sat, 30 Jan 2021 07:36:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4053
Content-Type: text/css

www.libramg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

162.241.218.142

200 OK

4.6 kB

URL HTTP/1.1
www.libramg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Fri, 21 May 2021 20:40:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4618
Content-Type: application/javascript

www.libramg.com/wp-content/themes/libramg/js/jquery.prettyPhoto.js?ver=1.0.0

162.241.218.142

200 OK

7.8 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/js/jquery.prettyPhoto.js?ver=1.0.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (21847)
Size
7.8 kB (7812 bytes)
Hash
97684fc364e257e77dda31231afe0793
83af50b365a62d6a7c6c9be15ab30f19a76dcea4
c7130a03634148496fa53f6232832a4a8e6a5520318f6b091d0aed6ef659ba53

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/js/jquery.prettyPhoto.js?ver=1.0.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Sun, 14 Jul 2019 23:47:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 7812
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bfbcb844b33464fde990edaaeb587eac
a73a1d2c81b4e8755e4fac335f03deb412d3b6e0
18fb95ccf318b4b137931a5e0454b59e0cd57c6cd4d901ab04e116e1a464e629

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18FB95CCF318B4B137931A5E0454B59E0CD57C6CD4D901AB04E116E1A464E629"
Last-Modified: Wed, 23 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 23 Nov 2022 21:44:16 GMT
Date: Wed, 23 Nov 2022 15:44:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 15:11:11 GMT
cache-control: public,max-age=3600
age: 1985
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bfbcb844b33464fde990edaaeb587eac
a73a1d2c81b4e8755e4fac335f03deb412d3b6e0
18fb95ccf318b4b137931a5e0454b59e0cd57c6cd4d901ab04e116e1a464e629

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18FB95CCF318B4B137931A5E0454B59E0CD57C6CD4D901AB04E116E1A464E629"
Last-Modified: Wed, 23 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21537
Expires: Wed, 23 Nov 2022 21:43:13 GMT
Date: Wed, 23 Nov 2022 15:44:16 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.libramg.com/wp-content/themes/libramg/js/wow.js?ver=1.0.0

162.241.218.142

200 OK

4.8 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/js/wow.js?ver=1.0.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (624)
Size
4.8 kB (4820 bytes)
Hash
fdaacac6ba05fda8fc1de6160e8bd453
63fd7b46192d4c3df72dfaba516c8bf99d282637
58dc1063cb3b8c281bcb44242da77700c2533eedaa7dc72f4c0762deabc57e99

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/js/wow.js?ver=1.0.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Sun, 14 Jul 2019 23:47:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 4820
Content-Type: application/javascript

www.libramg.com/wp-content/themes/libramg/js/scripts.js?ver=1.0.0

162.241.218.142

200 OK

1.1 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/js/scripts.js?ver=1.0.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (624)
Size
1.1 kB (1090 bytes)
Hash
6939afebb13703212871b995084f22e2
467a705d77558595938d52b9d701218f8a4ef01b
9b0425b3baccc7849b2e4ffa3d77fe79f55ef87066d0d56112274adbe709bf30

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/js/scripts.js?ver=1.0.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Sun, 14 Jul 2019 23:47:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1090
Content-Type: application/javascript

www.libramg.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

162.241.218.142

200 OK

39 kB

URL HTTP/1.1
www.libramg.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65447)
Size
39 kB (39066 bytes)
Hash
feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 18:56:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Transfer-Encoding: chunked
Content-Type: application/javascript

www.libramg.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6

162.241.218.142

200 OK

5.2 kB

URL HTTP/1.1
www.libramg.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15224)
Size
5.2 kB (5243 bytes)
Hash
00af0ddf324f69fcb25f0d2e5d08910a
df0379ab0e1b2902957c8aba77f89d88e1239b59
f0a06ed3b8d3917b358def04d87668001cd1c6da31a5cb4bb452313feb64a2a7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 18:56:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 5243
Content-Type: application/javascript

www.libramg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7

162.241.218.142

200 OK

2.6 kB

URL HTTP/1.1
www.libramg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (6406), with no line terminators
Size
2.6 kB (2635 bytes)
Hash
340db4973d1ee14c5348599f661a3220
d4cf31e2af7774c276d7a883733a8392e232df49
85d0de0d6dbe1f487407829c52413d7e81c7c9ed28bc3ae9079c19303e91f678

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 18:56:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 2635
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4151
Cache-Control: max-age=153108
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:16 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:16:04 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

www.libramg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

162.241.218.142

200 OK

6.9 kB

URL HTTP/1.1
www.libramg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (16323)
Size
6.9 kB (6935 bytes)
Hash
122fe79a1d53d10946cded540d2e219f
6271fdf889afe8a13d7c69efea9b40cbd0d81939
94cb1b0ca86f7f0bb7bcc81b42a06b6199bd37ff77ca88dccf3acc92683f3e24

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 18:56:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 6935
Content-Type: application/javascript

www.libramg.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2

162.241.218.142

409 Conflict

83 B

URL HTTP/1.1
www.libramg.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 409 Conflict
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.libramg.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2

162.241.218.142

409 Conflict

83 B

URL HTTP/1.1
www.libramg.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 409 Conflict
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.libramg.com/wp-includes/js/wp-embed.min.js?ver=5.8.6

162.241.218.142

200 OK

777 B

URL HTTP/1.1
www.libramg.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1391)
Size
777 B (777 bytes)
Hash
06ece4d01ee88297957c9f4cdcaa4df5
2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Last-Modified: Fri, 21 May 2021 20:40:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 777
Content-Type: application/javascript

www.libramg.com/wp-content/uploads/2018/07/Certified-WOSB.jpg

162.241.218.142

200 OK

12 kB

URL HTTP/2
www.libramg.com/wp-content/uploads/2018/07/Certified-WOSB.jpg
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x160, components 3\012- data
Size
12 kB (11469 bytes)
Hash
c81a2e16337aed6df5bbf73d264d583e
f2aa4485d5abb75050b7a8241f38fabfd8773056
6dc6154c75d5d81fe7d6ca3505712bbc4a5e00acd5da47c749cc2236a953f061

HTTP Headers

GET /wp-content/uploads/2018/07/Certified-WOSB.jpg HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.libramg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 14 Jul 2019 23:47:02 GMT
accept-ranges: bytes
content-length: 11469
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Wed, 23 Nov 2022 15:44:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.libramg.com/wp-content/themes/libramg/js/bootstrap.min.js?ver=1.0.0

162.241.218.142

200 OK

15 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/js/bootstrap.min.js?ver=1.0.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32003)
Size
15 kB (14672 bytes)
Hash
2935111b08898a10ead656f14d16c430
157beedff6312e8af6da62c5b3350b53321a6c38
1618bd1c5be22535f1d0a95ac54e82d22478fa878e6645d89851080b501d59e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/js/bootstrap.min.js?ver=1.0.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 14 Jul 2019 23:47:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 14672
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2

216.58.207.195

200 OK

29 kB

URL HTTP/2
fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 29436, version 1.0\012- data
Size
29 kB (29436 bytes)
Hash
4e29aceac72b453671f585e88f69c24a
35115af67eca17e02698954f1533b69515ecbbf9
b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699

HTTP Headers

GET /s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.libramg.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 06:30:00 GMT
expires: Fri, 17 Nov 2023 06:30:00 GMT
cache-control: public, max-age=31536000
age: 551657
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.libramg.com/wp-content/uploads/2018/07/EDWOSB.jpg

162.241.218.142

200 OK

18 kB

URL HTTP/2
www.libramg.com/wp-content/uploads/2018/07/EDWOSB.jpg
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x160, components 3\012- data
Size
18 kB (18195 bytes)
Hash
0e3565c5e7521b5c7f38506376845dab
fe16822da2e8093344e8c665d76b458a6695c282
1b8bb67220da07d102849c6e29d24c5f4b2fe7d9b9956b08f509970d1b9933a3

HTTP Headers

GET /wp-content/uploads/2018/07/EDWOSB.jpg HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.libramg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 14 Jul 2019 23:47:02 GMT
accept-ranges: bytes
content-length: 18195
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Wed, 23 Nov 2022 15:44:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.libramg.com/wp-content/uploads/2018/07/HUBZone.jpg

162.241.218.142

200 OK

20 kB

URL HTTP/2
www.libramg.com/wp-content/uploads/2018/07/HUBZone.jpg
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x160, components 3\012- data
Size
20 kB (20021 bytes)
Hash
598847d94911aa4f6619c4c0a5065cef
309d07eaa0db654161ae7843dc514cf4f7d46e25
e23c1392c231ea7b9c89c5f26dcaabbd91223f99d1f8908033cb68e9afe0cadb

HTTP Headers

GET /wp-content/uploads/2018/07/HUBZone.jpg HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.libramg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 14 Jul 2019 23:47:02 GMT
accept-ranges: bytes
content-length: 20021
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Wed, 23 Nov 2022 15:44:16 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 15:44:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.13.69.101

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.69.101:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a8Q/mYllLfRhRqRAghiGtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xeGYX9KYCK/u3PZquY5j0QtUlzM=

www.libramg.com/wp-content/themes/libramg/img/logo.png

162.241.218.142

200 OK

21 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/img/logo.png
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 496 x 146, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21320 bytes)
Hash
0f7b9b5ebcbb349c5af90bfea5b539bb
8df3910ccf5dcdfb8384754eb840a0c7811895dc
7ba908a2a9a6aeb7b8e21fc168f16e3e9ec422337cee6c6bbbc1e6e2ee5a9577

HTTP Headers

GET /wp-content/themes/libramg/img/logo.png HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:17 GMT
Server: Apache
Last-Modified: Sun, 14 Jul 2019 23:47:02 GMT
Accept-Ranges: bytes
Content-Length: 21320
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type: image/png

fonts.googleapis.com/css?family=Dosis:200,300,400,500,600,700,800

142.250.74.10

200 OK

567 B

URL HTTP/2
fonts.googleapis.com/css?family=Dosis:200,300,400,500,600,700,800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
567 B (567 bytes)
Hash
54b2a02b8351868d983fd7335d172e1f
af820666dc47e18fc70703d1df23e4a3effbdcaf
11f704a30ed68410b0ad5bff77b96bc0fbb6411027537943c9132bb2aef971e1

HTTP Headers

GET /css?family=Dosis:200,300,400,500,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.libramg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 15:44:16 GMT
date: Wed, 23 Nov 2022 15:44:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.libramg.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2

162.241.218.142

409 Conflict

83 B

URL HTTP/1.1
www.libramg.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/career/

HTTP/1.1 409 Conflict
Date: Wed, 23 Nov 2022 15:44:17 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/1.1
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.libramg.com/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Wed, 23 Nov 2022 14:22:55 GMT
Expires: Wed, 23 Nov 2022 16:22:55 GMT
Cache-Control: public, max-age=7200
Age: 4882
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.libramg.com
Connection: keep-alive
Referer: http://www.libramg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:58:48 GMT
expires: Thu, 23 Nov 2023 14:58:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 2729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.libramg.com/wp-content/themes/libramg/fonts/fontawesome-webfont.woff2?v=4.7.0

162.241.218.142

200 OK

77 kB

URL HTTP/1.1
www.libramg.com/wp-content/themes/libramg/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/libramg/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.libramg.com/wp-content/themes/libramg/css/font-awesome.css?ver=1.0

HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 15:44:17 GMT
Server: Apache
Last-Modified: Sun, 14 Jul 2019 23:47:01 GMT
Accept-Ranges: bytes
Content-Length: 77160
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type: font/woff2

www.libramg.com/wp-content/uploads/2018/08/libramg-favicone.png

162.241.218.142

404 Not Found

5.2 kB

URL HTTP/2
www.libramg.com/wp-content/uploads/2018/08/libramg-favicone.png
IP
162.241.218.142:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1820)
Size
5.2 kB (5196 bytes)
Hash
623f7920ec6b2299470aeb6c902a4707
d1546c30bbd3a2dedc4ca55deb5f52f9ea9a26d5
51aa05f369879ee482e2273ec50b15dc08b2d5b2b3d4b8dc172a3406aaa9711e

HTTP Headers

GET /wp-content/uploads/2018/08/libramg-favicone.png HTTP/1.1
Host: www.libramg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.libramg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.libramg.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5196
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 15:44:17 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 357139
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:46:16 GMT
expires: Fri, 17 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 496681
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3492
Expires: Wed, 23 Nov 2022 16:42:30 GMT
Date: Wed, 23 Nov 2022 15:44:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3492
Expires: Wed, 23 Nov 2022 16:42:30 GMT
Date: Wed, 23 Nov 2022 15:44:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3492
Expires: Wed, 23 Nov 2022 16:42:30 GMT
Date: Wed, 23 Nov 2022 15:44:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4977 bytes)
Hash
0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 64050
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9766 bytes)
Hash
3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 64559
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:54:28 GMT
age: 64190
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8683 bytes)
Hash
35a44687c086af7b41c8333297bec58e
1b3efc7e58c1e7220830d0060a6d1942869243a0
39a525fde61e3110f773cb121407925a2d2d1b8003c7beb58cf4fd8b18b8d78a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8683
x-amzn-requestid: 4e9d4c04-802f-4ab8-bb51-645f31de068a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_4G8voAMF-YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4065-01d3c8271b80e7ba7bb40f88;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g-Zj093YIQ0Kdg4oxF2aZ3HzsgNGu1l8l8Ji7trCGCZPKEgQ9riqjQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:06:09 GMT
age: 63489
etag: "1b3efc7e58c1e7220830d0060a6d1942869243a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9138 bytes)
Hash
6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 63302
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8081 bytes)
Hash
309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0qleUIXFjvOqr3SeTpnFnVnhacI-ps0Fc33zsWp3eynFDhYOasUpPw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 64050
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations