| libgen.li/ | 172.67.193.122 | | 7.6 kB |
IP: 172.67.193.122:0
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (618), with CRLF line terminators
Hash: 7a0563754dcfb6725a0c032a6067be20 c7872d27a02e350e6f656e51b90f978f23d82edb b64d8b110ca576690554f659aede26ea88d9f3168810c8cafe338ded46e60fb3
GET / HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: covers=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
gmode=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
showch=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
objects=f%7Ce%7Cs%7Ca%7Cp%7Cw; expires=Sat, 03-May-2025 15:57:30 GMT; Max-Age=31536000
curtab=f; expires=Sat, 03-May-2025 15:57:30 GMT; Max-Age=31536000
columns=a%7Cs%7Ct%7Cp%7Cy%7Ci; expires=Sat, 03-May-2025 15:57:30 GMT; Max-Age=31536000
topics=l%7Cf%7Cr%7Ca%7Cm%7Cs%7Cc; expires=Sat, 03-May-2025 15:57:30 GMT; Max-Age=31536000
PHPSESSID=fe96aq4g6fdiv4vt0vtgvqt15n; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lIu7mh6d0ebZ%2BJgJKef0u0quhvJioEAkOMPcsBKHuiHhRj%2Bm5J8bqA0FI8qylgSpnrqdYxM1wN8xirCyABj3VvuQw62zdGYu2x%2FaZ8S9RkqJCpjklfQqEHPNyR4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e173db09cc56ba-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4 | 104.21.57.230 | 200 OK | 6.3 kB |
URL: User Request GET HTTP/1.1 libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
IP: 104.21.57.230:80
File type: HTML document, Unicode text, UTF-8 text, with very long lines (399), with CRLF line terminators
Hash: c3deee7b7770a1c95b1eba268e48ea03 9d2bff123b0501f9e5a61999e55ed28d8c9b26e3 f4204d8a3a34c2661ef01b89fbb2917f507d320e023838b22fcd78a1df0eca86
GET /ads62087ab443dfc1990b6094a2923789ef5FFUOGK4 HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vuDAy8cCM%2Fn2SN1gyI5Ur0TiAHANj35B0raokru%2FfrhHdUF7bg75LClMzNmfR7Ro857okt1JIZ%2F2Bh5WI7sh62wxxvjj%2Fhonghf9nYwhWeJmXKbal86LtKVp%2FFg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e173de483556b9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| libgen.li/css/font.min.css | 104.21.57.230 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 libgen.li/css/font.min.css
IP: 104.21.57.230:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Hash: 1cfc8d7c07d7436f0c17968acb4d850d e39050e66ec728eebc51096e05b7a428a6d650c0 356eef4354ee9f565222bebb778c4fd35afb5534da19f665a8d2dc75e0ccfc13
GET /css/font.min.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 09 Jun 2021 18:13:05 GMT
Vary: Accept-Encoding
ETag: W/"60c104b1-25d7"
Expires: Tue, 07 May 2024 16:19:24 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 257944
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOWz1Tqm8fRKYyRWW7%2Fwc6TzvNeNxsSMkYs2d8Y1So%2F2FLBXI0lsz6KJ1UsDAxVOArUx%2F4gYCNWDow2BVek3ShIt%2FPDa%2Fop9gF7aojGfe8S3jeYm4v%2FdQcDtwSM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e173e0fb3656b9-OSL
alt-svc: h2=":443"; ma=60
|
|
| libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 172.67.193.122 | 200 OK | 655 B |
URL: GET HTTP/1.1 libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, ASCII text, with very long lines (1238)
Hash: 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 15:20:25 GMT
ETag: W/"66310c39-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXchkq9OIt2fieREvF3z59K%2FVlPYelXwXFDeg4%2Fk9XcQhdcqzjO7479EUhukETpgjq926bvp2WfCOsyYsItoUm%2BDSyKZcpjtXp0ANjNQa32vLOfmYLiyrDosZuQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e10f1a712b-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 05 May 2024 15:58:28 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
|
|
| libgen.li/css/dark-mode.css | 172.67.193.122 | 200 OK | 139 B |
URL: GET HTTP/1.1 libgen.li/css/dark-mode.css
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Hash: fd50c27b724f5f42571e433940422194 3ce23b8b712823b3a3cc6d26fd51fbb99dba6b9e 0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439
GET /css/dark-mode.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Apr 2021 06:48:36 GMT
Vary: Accept-Encoding
ETag: W/"608a56c4-126"
Expires: Tue, 07 May 2024 17:28:02 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 253826
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSB84IoNq9NxVKCYLH%2FObjD6pg%2BObEzd6cM0Tpp9gg%2FY6i1j2q5kqufdt4FuFszvLidgKrQ7pdzbZmDeLPnsFZtEtcjo1ESlmuOIupvaraIuHtgXkfj2Seev3MY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e173e0fa64b4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| libgen.li/js/dark-mode-switch.js | 172.67.193.122 | 200 OK | 777 B |
URL: GET HTTP/1.1 libgen.li/js/dark-mode-switch.js
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Hash: 9ca505b605f0247bb2db2e8ba898ac2a 576412cb53709781f9be65f9b3b08d9d51494a75 2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b
GET /js/dark-mode-switch.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 22 May 2021 16:34:13 GMT
ETag: W/"60a93285-b75"
Expires: Tue, 07 May 2024 17:28:02 GMT
Cache-Control: max-age=604800
CF-Cache-Status: HIT
Age: 253826
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2GE70yhGpTqt4AhnWek99YX5tZLc2oK6l4kLbzTBcGnx63I0Tl2F2mda8vhq5w9pEZEY4Iz2UcxRSm7TTMXJy1TqVe8SQgkGG5flN0k9WtTNpVUGufURPvp4rg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e10b6eb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| libgen.li/js/popper.min.js | 172.67.193.122 | 200 OK | 6.9 kB |
URL: GET HTTP/1.1 libgen.li/js/popper.min.js
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, ASCII text, with very long lines (19015)
Hash: c2457ff14b8092f06f6d6610b202ec7f 6465bce461e777d6871c2d8dead3f6cfbbfab664 c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591
GET /js/popper.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 16 May 2021 04:13:40 GMT
ETag: W/"60a09bf4-4ace"
Expires: Tue, 07 May 2024 20:12:37 GMT
Cache-Control: max-age=604800
CF-Cache-Status: HIT
Age: 243951
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k5Qnur5x19mU77uryhweUMlpIt4CzoOcL%2BJwljO4leuj7icnSF6tyHtb4WrpLfdyE5L%2FO1AyFmwkmUt2CHa7HrDQu9tUA9XUsFEUCEwd3KOQUhgQdbvGf2jJThc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e10faab4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| libgen.li/js/form-validation.js | 172.67.193.122 | 200 OK | 380 B |
URL: GET HTTP/1.1 libgen.li/js/form-validation.js
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, ASCII text
Hash: 0b7eb3e3f49c158dcc9f4787dc1eb2d5 f1426bab12a38e3c7be0924785b6808de919be15 ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34
GET /js/form-validation.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 13 Oct 2020 12:33:28 GMT
ETag: W/"5f859e98-2ae"
Expires: Tue, 07 May 2024 18:39:08 GMT
Cache-Control: max-age=604800
CF-Cache-Status: HIT
Age: 249560
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7jdO5b9JGvmHlozHaclYY9RrnIpo5U%2F%2FaPJZisSuHXjGpZcwHFEKAYQbe3LJZjjg5Jc65%2FjWpHrUrT%2B2GhaXsxgyRQo5YlcCD1oalCJLWKTIeGuDwXY9YSs8tg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e10bba56af-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css | 151.101.129.229 | 200 OK | 26 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP: 151.101.129.229:443
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (65326)
Hash: 023b3876bb73aa541367fc40a193d2b7 8ed2d6350d23f857d92805737d0f97c675de666b f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: br
accept-ranges: bytes
date: Fri, 03 May 2024 15:58:28 GMT
age: 22589187
x-served-by: cache-fra-etou8220099-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js | 151.101.129.229 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP: 151.101.129.229:443
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65299)
Hash: 7f389f5d2622ce2090eca7c36bcb90bc ab27031159724e2421f6ff5c70f48e657abe9d39 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: br
accept-ranges: bytes
date: Fri, 03 May 2024 15:58:28 GMT
age: 19583955
x-served-by: cache-fra-etou8220114-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23383
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js | 151.101.129.229 | 200 OK | 16 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js
IP: 151.101.129.229:443
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (62961)
Hash: f20fa8b102f205141295cdefd6ffe449 0c4e8445f6f0c9611dc1c13dc6f085eb4bcaca0b d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
content-encoding: br
accept-ranges: bytes
date: Fri, 03 May 2024 15:58:28 GMT
age: 19057800
x-served-by: cache-fra-etou8220064-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.2.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP: 151.101.2.137:443
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 May 2024 15:58:28 GMT
age: 608088
x-served-by: cache-lga21931-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 460282
x-timer: S1714751908.102201,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| libgen.li/img/logo.png | 172.67.193.122 | 200 OK | 2.0 kB |
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: PNG image data, 64 x 90, 8-bit colormap, non-interlaced
Hash: 1d7aaa9da9adc174db1fb4c6a69d7bfb b5acc94460f3609334599b914bede8beb085b669 4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9
GET /img/logo.png HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: image/png
Content-Length: 1976
Connection: keep-alive
Last-Modified: Sat, 30 May 2020 06:17:58 GMT
ETag: "5ed1fa96-7b8"
Expires: Tue, 07 May 2024 16:19:24 GMT
Cache-Control: max-age=604800
CF-Cache-Status: HIT
Age: 257944
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENcjwAWs2oP3R%2BfNfnUFgktJzonT%2FannSUo0DVYiKA81BWwtb7fjVC7S6h%2FdibP9ObQgfRUy1jG94D0wAChbZeHbZxEJnEuLzPTvSiujRbMTgKl26fwLfnN%2BDu8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e1fd09b500-OSL
alt-svc: h2=":443"; ma=60
|
|
| contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz | 172.240.108.68 | 200 OK | 31 kB |
URL: GET HTTP/1.1 contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz
IP: 172.240.108.68:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 4837721913d898c4731b823fb17d51b5 e99393f6644b937e70dc692ce26cac98a427ea70 c3c6fd9587a5acdbcfc14a6573b503d53d910c4947b26835e08e2e9f64f60e38
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a2ca4b0fa2fc6adf9e7dc93612db76a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 167 B |
URL: GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 May 2024 16:58:28 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmbIvpGirfAMN1d3iUyLws7L1owRcDugQ0VV7bBjpNvNk%2FIRLbYrwHsc9LKWCPhM%2FRkAlvSJJncP%2FGKcfC79NSjnhaan6zKis6iOfcE5d6jZEYEhonhlt3kdpFU8oczoPmpqETHDecz0H8Uu%2F%2BJlRg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e55e80b4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| libgen.li/fictioncovers/1267000/62087ab443dfc1990b6094a2923789ef.jpg | 172.67.193.122 | 200 OK | 76 kB |
URL: GET HTTP/1.1 libgen.li/fictioncovers/1267000/62087ab443dfc1990b6094a2923789ef.jpg
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 576x863, components 3
Hash: b1b577a1c9964e3fd4471d0877de3b27 d52d5aa78c221d77396d912943043f6780e03a87 61f2f41efbf6892cc429a8207916e9a2527f793fe8ddfeec87861556ce7dc3e3
GET /fictioncovers/1267000/62087ab443dfc1990b6094a2923789ef.jpg HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: image/jpeg
Content-Length: 75766
Connection: keep-alive
Last-Modified: Sat, 05 Sep 2015 08:37:31 GMT
ETag: "10000000f9dd7-127f6-51efbed5cfea9"
Expires: Fri, 10 May 2024 15:58:28 GMT
Cache-Control: max-age=604800
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FBQ%2B4wbEvBXsyIZWIIN8K61XGSLh6OqB%2Bk00O7Bw41ia%2BIfejEG%2BBqXVsI6ba8%2BbCTftAytWYBYdhbozYM9sU%2BhkiYvP4yUf6zwCzFRt8iX5ScELtpU4lxblEY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e1f8feb4f1-OSL
alt-svc: h2=":443"; ma=60
|
|
| contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL: GET HTTP/1.1 contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP: 172.240.108.68:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, ASCII text, with very long lines (31364), with no line terminators
Hash: 40e8889f9281c7803054ab7e704cd102 e79669b83f58e83d07077193d147d85d560e80de 2a17224e7a1638ca286a1e70a265fc8cb492588f96874e3af29864c6aff304ff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ad72a7323c69ea5bca540e7154b2276
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hash: 353dbae1e1b45a750770ae51bef13ba7 465917a2a0bbb947e9727e7f08b584a82aa6fb81 9fa5becc3e07f31f2f08bf5f331d6bfda4f6386634ea524bc3a8c56ac1c0bc2b
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 03 May 2024 15:58:28 GMT
Last-Modified: Fri, 03 May 2024 15:55:53 GMT
Server: ECAcc (ska/F73C)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 05tZGXwS4OdRs_HJ_agY-wDWr4rP-ihbKqVy36qh043ulovJOScH3Q==
Age: 155
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 52.29.105.35:443
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 9f70647c5f630721848147b05e88f40d 690dee6039b70f1f7054293c882adf3bbe1c005a f6a760aee4eac7947589d3d6576943447bdb7dee4a934aabf1321645586628bf
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 15:58:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://libgen.li
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe:3:1; expires=Mon, 01 May 2034 15:58:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hash: 8b36a1d5c1baf125ac6c6e9dbbba0f9e ec227af9795dfdb98c3d64e9909aa9dd5813607a 448cf1c668a852a9500e3b540e3f70edcf0e5b980c36124f47487836a6f5b165
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 03 May 2024 15:58:28 GMT
Last-Modified: Fri, 03 May 2024 14:15:15 GMT
Server: ECAcc (ska/F7A3)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4bUiUzvShlLcFt3VvKs2DIQQXoOdp6aDI4hnaC-55ur_LKOtJwG2Sg==
Age: 6193
|
|
| contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL: GET HTTP/1.1 contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP: 172.240.108.68:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, ASCII text, with very long lines (31367), with no line terminators
Hash: 4c7307df09114da50302344edcdc64df 94c9c7393791a14a9717e6f18b8abb2cb83ef39e 5281a22997e659a71ec16c45bee177ade0fed440bd5ee590718bea39db94f30c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0ed1ab5c5e8e5a7fa393713bb1f15c0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL GET HTTP/2 proftrafficcounter.com/stats IP 52.29.105.35:443
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4 Certificate Issuer Amazon Subject proftrafficcounter.com Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash 85f4858adaa4d288906d6410ca3fc030 836ff8f71bbbbef01ee5abab44d72a3461c8b43e ca6bd7792d35b75358cdbcee92db188658b69ff9a6e9c6977bd024940d2b723c
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 15:58:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://libgen.li
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1e3efc97-c08c-4504-864a-1198c1349783:2:1; expires=Mon, 01 May 2034 15:58:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| enraptureshut.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js | 192.243.59.13 | 200 OK | 16 kB |
URL GET HTTP/1.1 enraptureshut.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js IP 192.243.59.13:80 ASN #39572 DataWeb Global Group B.V.
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, ASCII text, with very long lines (45364), with no line terminators Hash 43acdda46835ae1176e0b938b88db1c4 8139f677183ccec73caf1e3c857c07975025a879 36e3eafe23b9284d3d839c19ff701717c69ee334635499bb0058694eea1df1ee
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js HTTP/1.1
Host: enraptureshut.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Mon, 06 May 2024 18:58:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40e48a72e75de620a88777f8453c5efb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 28 kB |
URL GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 15:58:28 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8b71e02feab2b05bf6bc5c6fb351dcd7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 15:58:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nx86YTSkEo3E5Gbs64ccTHy%2BgWIa8jUmESu2pITuf5%2B7iErHMadfR3OVj6ZDwIFLvu5R47wcPgt65q8zCaMywGPFou7oOn2uWmz%2FQjzP1s40RMAgUsVDk5hiwowr6OqJUuVGtmsEv9ckgjgAXQ7nNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e173e5aeed0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL GET HTTP/1.1 contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js IP 172.240.108.68:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, ASCII text, with very long lines (31358), with no line terminators Hash d1914e5bb5a13b28461147ecea0d8d4c e7872270e33d0660e8ec455f01115c4e7742bf04 53149e95bf985c16e74c5d8f66ace41599c3f1b681faa3108a92333beae3d837
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 34783a6611ff1e0f9a60693cc6dd86c8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| wiggledeteriorate.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 192.243.61.227 | 200 OK | 16 kB |
URL GET HTTP/1.1 wiggledeteriorate.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js IP 192.243.61.227:80 ASN #39572 DataWeb Global Group B.V.
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, ASCII text, with very long lines (45356), with no line terminators Hash a3424b714245ad112122311d7b11f9f5 268bad1f0fbc07b50c3973c24f68269c4642cd4e fd5cc687657633edfac7035f397ec189a8d173889e391e33bc0f3f298cd3c9b5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: wiggledeteriorate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Mon, 06 May 2024 18:58:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 661282df9f2b2c443c351b013d404c61
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 167 B |
URL GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type HTML document, ASCII text, with CRLF line terminators Hash 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 May 2024 16:58:29 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HY7G0ECgXIXNgJhYui%2Bl6OQjUar7r06riFppYBZdr5vZNvwei3oKhJzieBTRmuzcaN63nI1oSQEL3RJMVU6y9b5XamCyUOBK75YAVF%2FWi1qyuW8XksGkirAkDuUkCY7DoSVMdC86cJ3r54OYv9rnqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e84957b4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL GET HTTP/1.1 contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js IP 172.240.108.68:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, ASCII text, with very long lines (31358), with no line terminators Hash 6fb22afd09400c1ba3460a16693e5728 bb48b8208b1566c132cf42d82cd60b2e38c1799a 717b522dc00b84e4e94437be32d77a7d621cbb37c532dbb8097431dd953e152f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 584555956988443ddd8715ae246fba4b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| inconveniencemimic.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 172.240.127.234 | 200 OK | 16 kB |
URL GET HTTP/1.1 inconveniencemimic.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js IP 172.240.127.234:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, ASCII text, with very long lines (44072), with no line terminators Hash a7de0f51e605fc90e1044e8e78b20a82 66db20634864cbf54f63c506cbece63649e5a641 a6b27ce1445042ca787a35acb216812d66fd1949e81b55cca67be85ec833c659
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Mon, 06 May 2024 18:58:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba10a8ba2819085d3f2ab21e1a55c247
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 167 B |
URL GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type HTML document, ASCII text, with CRLF line terminators Hash 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 May 2024 16:58:29 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiCZvcDithCUCcZJl9Mc6ekTANKqhp040yXcQm4xxjWpMylp%2F2aAl76mhHqidn3RW61%2FnCx4eMuLf2ptL2uSAQ4TULbBzGiqR2C1U1oAbxLBXxmbj1VNf6bz%2FfKZNJSUCqJEVmoBZj5nRhuqfKmboA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173e93a22b4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| inconveniencemimic.com/watch.487606928150.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe%3A3%3A1 | 172.240.127.234 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1 inconveniencemimic.com/watch.487606928150.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe%3A3%3A1 IP 172.240.127.234:443
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4 Certificate Issuer Let's Encrypt Subject inconveniencemimic.com Fingerprint AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36 Validity Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.487606928150.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe%3A3%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Location: https://inconveniencemimic.com/watch.487606928150.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=aed2ce951041fee3ff6a5fa2883d47143805306580186e3d8c1f1d23d84d010a6b86e8eff55ef9f035dbc5d84d9318cad5722bc82bcbc0915625d71ebb9472e03d6191bd23795ef74123c3d8c1ab5f7aa6e368a45a87da4ff022fdd17a4685a777&tz=0&uuid=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe%3A3%3A1
Set-Cookie: u_pl=17566676; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4; expires=Fri, 03 May 2024 15:59:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eafb622f42ceeeba5eff6ff59b668fcf
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| stiflepowerless.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 192.243.61.227 | 200 OK | 16 kB |
URL GET HTTP/1.1 stiflepowerless.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js IP 192.243.61.227:80 ASN #39572 DataWeb Global Group B.V.
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, ASCII text, with very long lines (45376), with no line terminators Hash 6cccb3c0c3a62c3e6b43a3884fd3ee29 7ebc8112656ae28864722b049eda39081b271e89 3bd647acffc269d07af18c925e249f85ab5d7c813a56ff26be4145c887466308
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: stiflepowerless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Mon, 06 May 2024 18:58:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ef56cf791764d3b8f5a4f816815d5d9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 167 B |
URL GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type HTML document, ASCII text, with CRLF line terminators Hash 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 May 2024 16:58:29 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BykBn%2BGmmrHKJC7TzpNNbRT1mqMbk61f%2FObLbLPku3j1hnoALxou%2FjWeZgwukNbzRolSc4a2B601Qz7Y0MmPrs1XD4GKyEYW9PNa5LuXcsT3Psnca0SDbLUOZXgKRQepLAiuWf4Wi34BE4x2iKd8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173ea3b1cb4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| inconveniencemimic.com/watch.487606928150.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=aed2ce951041fee3ff6a5fa2883d47143805306580186e3d8c1f1d23d84d010a6b86e8eff55ef9f035dbc5d84d9318cad5722bc82bcbc0915625d71ebb9472e03d6191bd23795ef74123c3d8c1ab5f7aa6e368a45a87da4ff022fdd17a4685a777&tz=0&uuid=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe%3A3%3A1 | 172.240.127.234 | 200 OK | 2.0 kB |
URL GET HTTP/1.1 inconveniencemimic.com/watch.487606928150.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=aed2ce951041fee3ff6a5fa2883d47143805306580186e3d8c1f1d23d84d010a6b86e8eff55ef9f035dbc5d84d9318cad5722bc82bcbc0915625d71ebb9472e03d6191bd23795ef74123c3d8c1ab5f7aa6e368a45a87da4ff022fdd17a4685a777&tz=0&uuid=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe%3A3%3A1 IP 172.240.127.234:443
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4 Certificate Issuer Let's Encrypt Subject inconveniencemimic.com Fingerprint AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36 Validity Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
File type JavaScript source, ASCII text, with very long lines (2424) Hash 78f6a3948d8b2a714ca62a0c8c451441 02dff2b0bfae53d03a8c99e87289e78a973ea572 ed884ee09a75adf75ed5ece0bee88f08c2eb64c4b26385300cb327aa220339e3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.487606928150.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=aed2ce951041fee3ff6a5fa2883d47143805306580186e3d8c1f1d23d84d010a6b86e8eff55ef9f035dbc5d84d9318cad5722bc82bcbc0915625d71ebb9472e03d6191bd23795ef74123c3d8c1ab5f7aa6e368a45a87da4ff022fdd17a4685a777&tz=0&uuid=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe%3A3%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.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.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=bf74e8e3-9e66-4e3f-82ba-c18b62bc2ffe:3:1; expires=Fri, 10 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acd61117f083c9eaa2a4f2bf3143717a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| wiggledeteriorate.com/watch.157066863956.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 | 192.243.61.227 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1 wiggledeteriorate.com/watch.157066863956.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 IP 192.243.61.227:443 ASN #39572 DataWeb Global Group B.V.
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4 Certificate Issuer Let's Encrypt Subject wiggledeteriorate.com Fingerprint 2C:50:D3:85:9F:F1:5F:E3:0D:E5:00:E8:4D:82:6B:75:63:6C:B8:50 Validity Mon, 29 Apr 2024 13:03:22 GMT - Sun, 28 Jul 2024 13:03:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.157066863956.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 HTTP/1.1
Host: wiggledeteriorate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Location: https://wiggledeteriorate.com/watch.157066863956.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=c07d34edb3016c29fa472e10ae7d04194a16b57cdbe87f069bc4785f2ddf573cab5e346fcd04791f8370b71805c55c8c53e5ea051a63eaae20217fd645afc9b7f3eaa9abf90902c5a1aa97acf8655fc3b25dc18bca5cbe4db154fa59d920cb&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
Set-Cookie: u_pl=17566676; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vbGliZ2VuLmxpL2FkczYyMDg3YWI0NDNkZmMxOTkwYjYwOTRhMjkyMzc4OWVmNUZGVU9HSzQiLCJhciI6W119fQ.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4; expires=Fri, 03 May 2024 15:59:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: defdc0a5a60f4c64ad6c82536ce19bec
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 43 kB |
URL GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1:80
Requested by http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c397be567d0612e9f0e697a452ec66b5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 15:58:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPLEptni2m6Tr4F5V%2BJQ0cVpcgx76tNPfW0OsKPVJAx9ZSgDhHtOJCjIgzHJtlQ2qspt1TtRCa7c0R4xilPENY0bLw4wi4GpT91EQPCL7vpd7LUMAhahkGywcW6S9qt0D4UK4Z1cbBicOtk4gS7NPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e173e7ab5b0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 167 B |
URL: GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 May 2024 16:58:29 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLoq1pXRxypAmpLfoWm13EX4Yap2jllm6rN0chknYX8075k1rRY4b6BL9D9IqdOVsWSkm5M2l5kAqB%2FqYsEe2H7pcEr44ThKvRzaBhdyB26o8gxPHmvNcghhMeeyoLrFInTUPK7TR0kzmO6Qwmkupw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173eabb91b4ee-OSL
alt-svc: h2=":443"; ma=60
|
|
| stiflepowerless.com/watch.208385155768.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 | 192.243.61.227 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 stiflepowerless.com/watch.208385155768.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: stiflepowerless.com; Fingerprint: 53:F8:A4:39:E5:76:60:B0:A3:94:D0:87:66:3E:90:E5:F4:2A:72:2D; Validity: Mon, 29 Apr 2024 13:09:50 GMT - Sun, 28 Jul 2024 13:09:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.208385155768.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 HTTP/1.1
Host: stiflepowerless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Location: https://stiflepowerless.com/watch.208385155768.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=59a06f8fbfcffb83917e06ab97b666b62db2e7cf5594f45c73604ec7d27705308c3aa3265778142d4b0b3ac3e0b8caad1dd0537c2c53bf66632a897e634917f5f7b73a107edcf14f3e55a6c10ab48b3b2698d7cc68688a89bda74f34a873e2&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
Set-Cookie: u_pl=17566676; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4; expires=Fri, 03 May 2024 15:59:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40ecf06c176ac73c0af87e1387e9ea03
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| threeinvincible.com/watch.565631577142.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 | 172.240.108.84 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 threeinvincible.com/watch.565631577142.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
IP: 172.240.108.84:443
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: threeinvincible.com; Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84; Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.565631577142.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&tz=0&dev=e&res=14.2069&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Location: https://threeinvincible.com/watch.565631577142.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=5a24750fae66703508d06ab4a7c6f73947c2f80f2e8ea8630407df70c8be5ba7da7a00b4c49ac12103bf50b6249cf0e0fa9779db0af1df91272dc3c45956a5a40d19ad253d67b9b164fc22e9347e4da774291293879543d89b11e077ae7c&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
Set-Cookie: u_pl=17566676; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4; expires=Fri, 03 May 2024 15:59:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9cc99516e4908194fdf867ce74f0bb8d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| wiggledeteriorate.com/watch.157066863956.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=c07d34edb3016c29fa472e10ae7d04194a16b57cdbe87f069bc4785f2ddf573cab5e346fcd04791f8370b71805c55c8c53e5ea051a63eaae20217fd645afc9b7f3eaa9abf90902c5a1aa97acf8655fc3b25dc18bca5cbe4db154fa59d920cb&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 | 192.243.61.227 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 wiggledeteriorate.com/watch.157066863956.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=c07d34edb3016c29fa472e10ae7d04194a16b57cdbe87f069bc4785f2ddf573cab5e346fcd04791f8370b71805c55c8c53e5ea051a63eaae20217fd645afc9b7f3eaa9abf90902c5a1aa97acf8655fc3b25dc18bca5cbe4db154fa59d920cb&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: wiggledeteriorate.com; Fingerprint: 2C:50:D3:85:9F:F1:5F:E3:0D:E5:00:E8:4D:82:6B:75:63:6C:B8:50; Validity: Mon, 29 Apr 2024 13:03:22 GMT - Sun, 28 Jul 2024 13:03:21 GMT
File type: JavaScript source, ASCII text, with very long lines (2483)
Hash: 83eca0c4351a65112459768a7b2390dd a8614c921902e803ad7b611abca621d0d19144d6 da2f301a1c3ad869980a95b19c5dd7f39ec58093e9f56868be54cf570d9139f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.157066863956.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=c07d34edb3016c29fa472e10ae7d04194a16b57cdbe87f069bc4785f2ddf573cab5e346fcd04791f8370b71805c55c8c53e5ea051a63eaae20217fd645afc9b7f3eaa9abf90902c5a1aa97acf8655fc3b25dc18bca5cbe4db154fa59d920cb&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 HTTP/1.1
Host: wiggledeteriorate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vbGliZ2VuLmxpL2FkczYyMDg3YWI0NDNkZmMxOTkwYjYwOTRhMjkyMzc4OWVmNUZGVU9HSzQiLCJhciI6W119fQ.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=1e3efc97-c08c-4504-864a-1198c1349783:2:1; expires=Fri, 10 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00d157d7006b757310ed00e5cadabb99
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| stiflepowerless.com/watch.208385155768.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=59a06f8fbfcffb83917e06ab97b666b62db2e7cf5594f45c73604ec7d27705308c3aa3265778142d4b0b3ac3e0b8caad1dd0537c2c53bf66632a897e634917f5f7b73a107edcf14f3e55a6c10ab48b3b2698d7cc68688a89bda74f34a873e2&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 | 192.243.61.227 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 stiflepowerless.com/watch.208385155768.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=59a06f8fbfcffb83917e06ab97b666b62db2e7cf5594f45c73604ec7d27705308c3aa3265778142d4b0b3ac3e0b8caad1dd0537c2c53bf66632a897e634917f5f7b73a107edcf14f3e55a6c10ab48b3b2698d7cc68688a89bda74f34a873e2&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: stiflepowerless.com; Fingerprint: 53:F8:A4:39:E5:76:60:B0:A3:94:D0:87:66:3E:90:E5:F4:2A:72:2D; Validity: Mon, 29 Apr 2024 13:09:50 GMT - Sun, 28 Jul 2024 13:09:49 GMT
File type: JavaScript source, ASCII text, with very long lines (2477)
Hash: 7c1e095f7b4c2a44c7bbf8635a0de68d 92526a0b7ef0c14452f0000a86307cb760de7653 9b15e93d73b2c71ce3f63e12d5b466ae8cf22428afe39c72f047886f7f35605d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.208385155768.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=59a06f8fbfcffb83917e06ab97b666b62db2e7cf5594f45c73604ec7d27705308c3aa3265778142d4b0b3ac3e0b8caad1dd0537c2c53bf66632a897e634917f5f7b73a107edcf14f3e55a6c10ab48b3b2698d7cc68688a89bda74f34a873e2&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 HTTP/1.1
Host: stiflepowerless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.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.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=1e3efc97-c08c-4504-864a-1198c1349783:2:1; expires=Fri, 10 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20dcdedcfcf51fa88b571fbdd8456f34
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 28 kB |
URL: GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 59fd12006e0ad7bbc9c2c0a43f705d32
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 15:58:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ePxvKi4PQNPtNkRCvhVmRl99hQP%2F92PCbDHyd44eaJySvImD2EPcsC4W%2B6f3ZJyWe4dg3ka%2B39qbfQTbJFK9Rs8uNvG%2FQ%2FQPB0CG%2FZcxkBwbKBW31rY8hZ3JL5sn39QDHzAvhUxywtIRXTdErYoGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e173e94cc80b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 28 kB |
URL: GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 723744b07c1fd1272017ebb093b969e7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 15:58:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWUIFbx4UUbP72F8J7jZjIMTX7AuQQipdmpKqgBkbxbEtwGY3EwFkylZfE7TvuBlp4%2F2KCG8cGaqUfaHCuJ%2FDXWi2XESEMtkBhZ3PjCyOr5AolH0fyfYD0ZjjPFumMOicddBUIkeOZzX8kJd33YL8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e173ea8da70b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| threeinvincible.com/watch.565631577142.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=5a24750fae66703508d06ab4a7c6f73947c2f80f2e8ea8630407df70c8be5ba7da7a00b4c49ac12103bf50b6249cf0e0fa9779db0af1df91272dc3c45956a5a40d19ad253d67b9b164fc22e9347e4da774291293879543d89b11e077ae7c&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 | 172.240.108.84 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 threeinvincible.com/watch.565631577142.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=5a24750fae66703508d06ab4a7c6f73947c2f80f2e8ea8630407df70c8be5ba7da7a00b4c49ac12103bf50b6249cf0e0fa9779db0af1df91272dc3c45956a5a40d19ad253d67b9b164fc22e9347e4da774291293879543d89b11e077ae7c&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1
IP: 172.240.108.84:443
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: threeinvincible.com; Fingerprint: 80:A7:5B:F8:68:36:7B:02:02:07:18:D1:59:E5:E8:BF:94:77:25:84; Validity: Tue, 30 Apr 2024 15:27:42 GMT - Mon, 29 Jul 2024 15:27:41 GMT
File type: JavaScript source, ASCII text, with very long lines (2419)
Hash: 077eb0e4ed0d8bdaa82a2c9bdf36f002 53729557e2e8ed95010ef54b4772219f667de420 14655886f605b9bd2a8f04e2fe4329c65cf1163dee3ad574c62068f39ad83b7a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.565631577142.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714751969&refer=http%3A%2F%2Flibgen.li%2Fads62087ab443dfc1990b6094a2923789ef5FFUOGK4&res=14.2069&rmtc=t&shu=5a24750fae66703508d06ab4a7c6f73947c2f80f2e8ea8630407df70c8be5ba7da7a00b4c49ac12103bf50b6249cf0e0fa9779db0af1df91272dc3c45956a5a40d19ad253d67b9b164fc22e9347e4da774291293879543d89b11e077ae7c&tz=0&uuid=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1 HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://libgen.li
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.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.sX35jERCAjdV-MR4pzQX06pZOo3AP5WNSD6bAdAsCn4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://libgen.li
Access-Control-Allow-Origin: http://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=1e3efc97-c08c-4504-864a-1198c1349783:2:1; expires=Fri, 10 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 04 May 2024 15:58:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20c87e0573192ff3d40b9469cddb3c77
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/fd/36/c9/fd36c98b33bae60ac085b715afd7d8fc/1707890422.png | 45.133.44.10 | 200 OK | 18 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/fd/36/c9/fd36c98b33bae60ac085b715afd7d8fc/1707890422.png
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced
Hash: 22dbc90cc228238c2eda3411c5a94f2d e649af6121cf06a0214e03df6cb97da3f5305d03 3df7322db0809e1f32259d18cfb69e77465e690272a645c4af6776975463c08e
GET /cti/fd/36/c9/fd36c98b33bae60ac085b715afd7d8fc/1707890422.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: image/png
content-length: 17907
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 06:00:32 GMT
etag: "65cc5700-45f3"
expires: Sun, 05 May 2024 15:58:29 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg | 45.133.44.10 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 14:58:01], progressive, precision 8, 728x90, components 3
Hash: 55ed59e5d7a388b1e733a86d7b654fa4 b3316451e0932734d60d343bb2c3939d5dd3d983 805f37a36d50e7437b87cc31eb8287395f62034b1ba796285c73fd669f74cc4e
GET /cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: image/jpeg
content-length: 79356
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:37:56 GMT
etag: "65d22454-135fc"
expires: Sun, 05 May 2024 15:58:29 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/02/fa/69/02fa69e16fcc3a1f9cd9b74b08aa5607/1707727980.png | 45.133.44.10 | 200 OK | 50 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/02/fa/69/02fa69e16fcc3a1f9cd9b74b08aa5607/1707727980.png
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced
Hash: ba441522d572898bd2d5efffe8a034f9 b61b76b0ac94d023d688d2550e6d312a0941eb0e 5dcb77d5ab53d2a1e483b09d0ba1ff38835657d6b3ff7698db00d80eaaceed35
GET /cti/02/fa/69/02fa69e16fcc3a1f9cd9b74b08aa5607/1707727980.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: image/png
content-length: 49806
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:53:09 GMT
etag: "65c9dc75-c28e"
expires: Sun, 05 May 2024 15:58:29 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/36/90/13/369013892c357d415d1ad7748ed75879/1627917230.png | 45.133.44.10 | 200 OK | 62 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/36/90/13/369013892c357d415d1ad7748ed75879/1627917230.png
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced
Hash: aab722bc84ce26456c71f76bf135d39d 931d9bda71c71ca06e3774c1d67d9842b2c2dc7e 47f5ef20379af39109b365fa5700137a998dd749ca0ea5faf3e82b94be508c59
GET /cti/36/90/13/369013892c357d415d1ad7748ed75879/1627917230.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: image/png
content-length: 61633
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:13:57 GMT
etag: "61080bb5-f0c1"
expires: Sun, 05 May 2024 15:58:29 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| libgen.li/img/favicon.ico | 172.67.193.122 | 200 OK | 632 B |
URL: GET HTTP/1.1 libgen.li/img/favicon.ico
IP: 172.67.193.122:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel
Hash: 1aae1c5c5b27e6d63ba2e0a8d596760e 2a8294e38dfc9474d869e05d2a9a42dcccfe3066 d3910a9bd312389bd76df879ad74c7c5f596b1056f1d86d537b6451738c61390
GET /img/favicon.ico HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Cookie: PHPSESSID=verjb6618em33oqq3kaseshhlt; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1e3efc97-c08c-4504-864a-1198c1349783%3A2%3A1; pp_main_d53e2728a6de1b6d59e60f5833fa9c3f=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 May 2013 20:56:22 GMT
ETag: W/"51915376-8be"
Expires: Tue, 07 May 2024 17:28:02 GMT
Cache-Control: max-age=604800
CF-Cache-Status: HIT
Age: 253827
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UhdO49RsQaBJtkqxuk2JCNB%2FxCPqKzA2R51Y69uPZqOtldQtXsTyhKzovjy9xxdEvPcqFaBSE9dF0W%2FqFS4Pk3hQGrSEs%2Bv1pIMx1BdEyZDkfe4fSKbJcUtEIG8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87e173ed0eeeb4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| unseenreport.com/pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP: 192.243.59.20:80
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 15:58:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bab0c2c0a902d043c92dd27fb8ec3e3e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP: 192.243.59.20:80
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 15:58:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d7bf1ccf58cfb2fcebf3819124c7be23
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP: 192.243.59.20:80
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=1e3efc97-c08c-4504-864a-1198c1349783&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 15:58:31 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 830d4e940406b78a6aab66ccdbd44977
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 301 Moved Permanently | 41 kB |
URL: GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://libgen.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 15:58:29 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 51011285cb41a9dfb522a3130bd0bb18
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 15:58:28 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9dPxmVZdoz9H8Z1fbrwquQAwIMrK2oy5CNkdslEVTSq1y6fnJrFPEAx1trFA4wX9OV3YbgXPWaDpPMZORCO2ZsQkfGxINqiSb7eQIxVTOzf7%2Bt9pzQnR6XYa4VZLmZwM7ge9hCXe7CR7eB23cM5zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e173e85c0d0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| threeinvincible.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 172.240.108.84 | 200 OK | 44 kB |
URL: GET HTTP/1.1 threeinvincible.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js
IP: 172.240.108.84:80
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
File type: JavaScript source, ASCII text, with very long lines (44052), with no line terminators
Hash: 8f2aa4b2a37b7854f283ebe3d5482142 2fdba0b4f48ff1ea92c83865e576e1361e50952e be4379916494e660fb1c7c6949b94d19a02d1ffd1d6fd30dd871e9ff7a581b97
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: threeinvincible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Mon, 06 May 2024 18:58:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fccb95529734ad85c2d9e88da01407cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 192.243.59.20:80
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://libgen.li/ads62087ab443dfc1990b6094a2923789ef5FFUOGK4
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://libgen.li/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 15:58:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91581ffa8b659469c7ad56ede6ffe6d6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|