| libgen.li/img/logo.png | 104.21.57.230 | 200 OK | 2.0 kB |
IP: 104.21.57.230:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Google Trust Services LLC; Subject: libgen.li; Fingerprint: 06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4; Validity: Tue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File type: PNG image data, 64 x 90, 8-bit colormap, non-interlaced
Hash: 1d7aaa9da9adc174db1fb4c6a69d7bfb b5acc94460f3609334599b914bede8beb085b669 4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9
GET /img/logo.png HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:23 GMT
content-type: image/png
content-length: 1976
last-modified: Sat, 30 May 2020 06:17:58 GMT
etag: "5ed1fa96-7b8"
expires: Thu, 02 May 2024 07:10:53 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 4950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GMuqolTkMepL9pak4zomVsAFggKkWHF5q8kPRCrBbPQTchB1mXX%2FtXdZ1gm3JWDAM7OB2fXUhVcIGpJX0%2FZuw9cglC2OaxBi3c9TdXsGTb6pEVjYR8QTc55xWtI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfce77c50b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css | 151.101.129.229 | 200 OK | 26 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP: 151.101.129.229:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (65326)
Hash: 023b3876bb73aa541367fc40a193d2b7 8ed2d6350d23f857d92805737d0f97c675de666b f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 08:33:23 GMT
age: 21871281
x-served-by: cache-fra-etou8220099-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js | 151.101.129.229 | 200 OK | 16 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js
IP: 151.101.129.229:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (62961)
Hash: f20fa8b102f205141295cdefd6ffe449 0c4e8445f6f0c9611dc1c13dc6f085eb4bcaca0b d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 08:33:23 GMT
age: 18339895
x-served-by: cache-fra-etou8220064-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.2.137 | 200 OK | 90 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP: 151.101.2.137:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 08:33:23 GMT
age: 80483
x-served-by: cache-lga21931-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 222, 14425
x-timer: S1714034003.166223,VS0,VE0
vary: Accept-Encoding
content-length: 89501
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js | 151.101.129.229 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP: 151.101.129.229:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65299)
Hash: 7f389f5d2622ce2090eca7c36bcb90bc ab27031159724e2421f6ff5c70f48e657abe9d39 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 08:33:23 GMT
age: 18866050
x-served-by: cache-fra-etou8220114-FRA, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23383
X-Firefox-Spdy: h2
|
|
| contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz | 192.243.61.227 | 200 OK | 31 kB |
URL: GET HTTP/1.1 contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Let's Encrypt; Subject: contrarymeeting.com; Fingerprint: B1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9; Validity: Tue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: bf5d692141562e5d80f7a7c807c668ac 27aca2590fd7e26f170d446ee0c08b90176b368c d41d3083122b711af6fc0cce34f39b18ad42c17f66275dd3a3c3a295e874a51f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6782283c55dc3b18664ce133208ec1c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| libgen.li/css/dark-mode.css | 104.21.57.230 | 200 OK | 12 kB |
URL: GET HTTP/3 libgen.li/css/dark-mode.css
IP: 104.21.57.230:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Google Trust Services LLC; Subject: libgen.li; Fingerprint: 06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4; Validity: Tue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
Hash: fd50c27b724f5f42571e433940422194 3ce23b8b712823b3a3cc6d26fd51fbb99dba6b9e 0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439
GET /css/dark-mode.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:23 GMT
content-type: text/css
last-modified: Thu, 29 Apr 2021 06:48:36 GMT
vary: Accept-Encoding
etag: W/"608a56c4-126"
expires: Tue, 30 Apr 2024 14:53:27 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 149996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzb89CPhcwHG3OzARMdoL3WGErLlPRmuaqh6Aovoj4PshXKqte6BVkMOTxfBywKBL2lMyLZWG1lVjlmBVZ%2BJTYFIZP0hUUX8pvZLtCcgPihjMj3wvWOCKLG7%2FTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879cfce77c4cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 35.158.46.84:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 5a43523d5095897ce9eaa06214b018b7 0bc987f46edd3e41598a410b436cb139682687ea 90f7cb24bde8a6ce11dcfa79165c675dd129bfc5879fdc08457d553e9769d754
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:33:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://libgen.li
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=dd79b6cf-6983-4388-9a58-1b8c4e37f968:2:1; expires=Sun, 23 Apr 2034 08:33:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 35.158.46.84:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 5a43523d5095897ce9eaa06214b018b7 0bc987f46edd3e41598a410b436cb139682687ea 90f7cb24bde8a6ce11dcfa79165c675dd129bfc5879fdc08457d553e9769d754
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Cookie: uid_id2=dd79b6cf-6983-4388-9a58-1b8c4e37f968:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:33:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://libgen.li
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js | 192.243.61.227 | 200 OK | 12 kB |
URL: GET HTTP/1.1 contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Let's Encrypt; Subject: contrarymeeting.com; Fingerprint: B1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9; Validity: Tue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT
File type: JavaScript source, ASCII text, with very long lines (31352), with no line terminators
Hash: 3b9df7b64015ae785d2b8d85360582e4 36830c21f98317b62fe350aa1c0b1d7199309a94 83baabade1ae44d9b20a31f4e876de0b5d30cdbebc9e64cd07f18b611a56768e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17d5555602cba5979e853fb530a7f516
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js | 192.243.61.227 | 200 OK | 12 kB |
URL: GET HTTP/1.1 contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Let's Encrypt; Subject: contrarymeeting.com; Fingerprint: B1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9; Validity: Tue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT
File type: JavaScript source, ASCII text, with very long lines (31361), with no line terminators
Hash: 64fd1a7106799181d9aac045036c1801 9033884e6200db9f2a9a0e277a56c19805ca1483 7775cab4215ee09212e077ba5921f58e7460f231074d6bac649b3c0d688a6204
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f9d8b5964440ed2ed50a7a6433cf252
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proverbadmiraluphill.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js | 172.240.108.68 | 200 OK | 16 kB |
URL: GET HTTP/1.1 proverbadmiraluphill.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js
IP: 172.240.108.68:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Let's Encrypt; Subject: proverbadmiraluphill.com; Fingerprint: 2D:E9:49:E1:73:02:7C:88:6B:7A:18:EB:86:8B:E9:F9:7D:73:2B:D1; Validity: Tue, 23 Apr 2024 10:41:52 GMT - Mon, 22 Jul 2024 10:41:51 GMT
File type: JavaScript source, ASCII text, with very long lines (44091), with no line terminators
Hash: 00a9691eaf907881561d23dbc5dc8e0e 2752f9836bfb6d222518218069e408b8baee2ff4 9b7370c876f9d6a42c904c2dca942f2031cd3356956c9aeaa8d980f1d34f57a5
GET /04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js HTTP/1.1
Host: proverbadmiraluphill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41f62d24cc42e5a37de231503dbaebff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js | 192.243.61.227 | 200 OK | 12 kB |
URL: GET HTTP/1.1 contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Let's Encrypt; Subject: contrarymeeting.com; Fingerprint: B1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9; Validity: Tue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT
File type: JavaScript source, ASCII text, with very long lines (31385), with no line terminators
Hash: 6e9616c9fd4ee82055743bbe74a53e98 dc6ab13b0ed1802bebbb39e735fb63fd4b2f0b23 a32c08c9d288668121bccab543449d12f77f7ffffb9dd15da169ca4ca6f2b422
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1088e1429a70632f71f68da6232228e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| excessstumbledvisited.com/watch.1367061970190.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 172.240.108.68 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 excessstumbledvisited.com/watch.1367061970190.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1
IP: 172.240.108.68:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Let's Encrypt; Subject: excessstumbledvisited.com; Fingerprint: F6:CE:79:E1:1A:35:E2:A3:44:FF:13:1F:F1:48:18:54:55:70:8F:FE; Validity: Mon, 22 Apr 2024 09:06:49 GMT - Sun, 21 Jul 2024 09:06:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1367061970190.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: excessstumbledvisited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://excessstumbledvisited.com/watch.1367061970190.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=daff0332621983406cd696ca2cd9313b1efdc92ae7ff442de56a07bf6fe6a693ddb950fca96d683ab0b9d4d56a386d2e07bff22230696ca07d9b0d7d3dc9a035b67201e4a2f67124a894e84a2e9408db5a072bdce700ecbdd88e0e84cdf8608d50&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1
Set-Cookie: u_pl=17566676; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw; expires=Thu, 25 Apr 2024 08:34:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8aa6d332ebc520c381fc8eeb5bcada50
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| libgen.li/fictioncovers/3654000/626d543537c51c37aeb428b3400d0a3f.jpg | 104.21.57.230 | 200 OK | 133 kB |
URL: GET HTTP/3 libgen.li/fictioncovers/3654000/626d543537c51c37aeb428b3400d0a3f.jpg
IP: 104.21.57.230:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Google Trust Services LLC; Subject: libgen.li; Fingerprint: 06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4; Validity: Tue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2200, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1569], baseline, precision 8, 357x500, components 3
Size: 133 kB (132563 bytes)
Hash: 43683bd4bda50df449ea17216b7b22de e7dad4e31b530f873e9062de8b9d2c70a75941f4 936df11d873c51f816c179feff5070ef06eff305dde7e130546b0080b428ed57
GET /fictioncovers/3654000/626d543537c51c37aeb428b3400d0a3f.jpg HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:24 GMT
content-type: image/jpeg
content-length: 132563
last-modified: Wed, 30 Nov 2022 09:51:41 GMT
etag: "1000000a5a7e1-205d3-5eead0d27c93d"
expires: Thu, 02 May 2024 08:33:23 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XqHv5AXF88RLZwwupsHNSL4zstGEaPFDOlGkG6m72P1p7xVmRr8HoqjfOwYEgOlOvG0a2kmR0mfepO9ebfyLHZyrDCb6JyLJiyerdnJg%2FjAHJdPuInY7VAotFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfce78c62b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| excessstumbledvisited.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 172.240.108.68 | 200 OK | 16 kB |
URL: GET HTTP/1.1 excessstumbledvisited.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js
IP: 172.240.108.68:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Certificate: Issuer: Let's Encrypt; Subject: excessstumbledvisited.com; Fingerprint: F6:CE:79:E1:1A:35:E2:A3:44:FF:13:1F:F1:48:18:54:55:70:8F:FE; Validity: Mon, 22 Apr 2024 09:06:49 GMT - Sun, 21 Jul 2024 09:06:48 GMT
File type: JavaScript source, ASCII text, with very long lines (44078), with no line terminators
Hash: f54e90ffee663f56c65e9769f646f909 7d380464bd4031087e08bee10bf293b657cfbaf7 96ca30199aa2e76e8a19120e9d2d44189834a1c5d1c183911d8ba928a9ee52cd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: excessstumbledvisited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97d5d6e5d8c4b6579b1c48668bb8ee18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| excessstumbledvisited.com/watch.1367061970190.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=daff0332621983406cd696ca2cd9313b1efdc92ae7ff442de56a07bf6fe6a693ddb950fca96d683ab0b9d4d56a386d2e07bff22230696ca07d9b0d7d3dc9a035b67201e4a2f67124a894e84a2e9408db5a072bdce700ecbdd88e0e84cdf8608d50&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 172.240.108.68 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 excessstumbledvisited.com/watch.1367061970190.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=daff0332621983406cd696ca2cd9313b1efdc92ae7ff442de56a07bf6fe6a693ddb950fca96d683ab0b9d4d56a386d2e07bff22230696ca07d9b0d7d3dc9a035b67201e4a2f67124a894e84a2e9408db5a072bdce700ecbdd88e0e84cdf8608d50&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | IP: 172.240.108.68:443
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: excessstumbledvisited.com | Fingerprint: F6:CE:79:E1:1A:35:E2:A3:44:FF:13:1F:F1:48:18:54:55:70:8F:FE | Validity: Mon, 22 Apr 2024 09:06:49 GMT - Sun, 21 Jul 2024 09:06:48 GMT
File type: JavaScript source, ASCII text, with very long lines (2455) | Hash: d2faf6f111108d10d56104bc0974e90e bb304277b62a5c7144936da16065d478600dbcca eb6e9a84ed8098b9491cf8cf0a6501d4edc5976e9ba61b726dd648a24479100b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1367061970190.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=daff0332621983406cd696ca2cd9313b1efdc92ae7ff442de56a07bf6fe6a693ddb950fca96d683ab0b9d4d56a386d2e07bff22230696ca07d9b0d7d3dc9a035b67201e4a2f67124a894e84a2e9408db5a072bdce700ecbdd88e0e84cdf8608d50&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: excessstumbledvisited.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.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.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=dd79b6cf-6983-4388-9a58-1b8c4e37f968:2:1; expires=Thu, 02 May 2024 08:33:24 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
uncs=1; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b1bb2d0e55b9f7b2d48ce63fb9c39fc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| hewomenentail.com/watch.1508859454337.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 192.243.59.12 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 hewomenentail.com/watch.1508859454337.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | IP: 192.243.59.12:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: hewomenentail.com | Fingerprint: 14:95:EE:C0:C1:31:B6:1C:62:FC:81:55:8C:9C:5B:64:48:FD:65:AD | Validity: Wed, 24 Apr 2024 15:13:32 GMT - Tue, 23 Jul 2024 15:13:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1508859454337.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: hewomenentail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://hewomenentail.com/watch.1508859454337.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=d2c36992df82fedbddd155ba87da22e75a76819da6c1b203f191105f09e3cd0e5044f82cdd1f0eea555263af1334774ad1c35ac868804b4c400c0a3604554a7ba9526107334d4076c65c0f2c1d2097914cc91d70859b9033ef767cf186ae31&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1
Set-Cookie: u_pl=17566676; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT02MjZENTQzNTM3QzUxQzM3QUVCNDI4QjM0MDBEMEEzRiIsImFyIjpbXX19.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw; expires=Thu, 25 Apr 2024 08:34:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9cfc7688a194e060dca33fc1b43332f0
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| hewomenentail.com/watch.1508859454337.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=d2c36992df82fedbddd155ba87da22e75a76819da6c1b203f191105f09e3cd0e5044f82cdd1f0eea555263af1334774ad1c35ac868804b4c400c0a3604554a7ba9526107334d4076c65c0f2c1d2097914cc91d70859b9033ef767cf186ae31&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 192.243.59.12 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 hewomenentail.com/watch.1508859454337.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=d2c36992df82fedbddd155ba87da22e75a76819da6c1b203f191105f09e3cd0e5044f82cdd1f0eea555263af1334774ad1c35ac868804b4c400c0a3604554a7ba9526107334d4076c65c0f2c1d2097914cc91d70859b9033ef767cf186ae31&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | IP: 192.243.59.12:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: hewomenentail.com | Fingerprint: 14:95:EE:C0:C1:31:B6:1C:62:FC:81:55:8C:9C:5B:64:48:FD:65:AD | Validity: Wed, 24 Apr 2024 15:13:32 GMT - Tue, 23 Jul 2024 15:13:31 GMT
File type: JavaScript source, ASCII text, with very long lines (2445) | Hash: 673da872c9cbf582d9238df73b287cd1 f0136cbf293bd08f036feee25a491d7425d1066a fcaf084f3eb550a2ff6f5c1bfb8163297e9f9ad91544528faa8cb481b8288fc4
GET /watch.1508859454337.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=d2c36992df82fedbddd155ba87da22e75a76819da6c1b203f191105f09e3cd0e5044f82cdd1f0eea555263af1334774ad1c35ac868804b4c400c0a3604554a7ba9526107334d4076c65c0f2c1d2097914cc91d70859b9033ef767cf186ae31&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: hewomenentail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT02MjZENTQzNTM3QzUxQzM3QUVCNDI4QjM0MDBEMEEzRiIsImFyIjpbXX19.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=dd79b6cf-6983-4388-9a58-1b8c4e37f968:2:1; expires=Thu, 02 May 2024 08:33:24 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
uncs=1; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e96a22cc29286a8557c9dfe8920b2a2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| hewomenentail.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 192.243.59.12 | 200 OK | 16 kB |
URL: GET HTTP/1.1 hewomenentail.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | IP: 192.243.59.12:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: hewomenentail.com | Fingerprint: 14:95:EE:C0:C1:31:B6:1C:62:FC:81:55:8C:9C:5B:64:48:FD:65:AD | Validity: Wed, 24 Apr 2024 15:13:32 GMT - Tue, 23 Jul 2024 15:13:31 GMT
File type: JavaScript source, ASCII text, with very long lines (44078), with no line terminators | Hash: 1c9632201239e5bc1e7819514ed87bd5 9fe033946a6a3fb6047bc43ce838cc8e46e52703 893622e9eab654bb320fa4bc20f97674a0ec2477e5f974119ab78fde91fc6f48
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: hewomenentail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91ac5aefaff7d9453eb9f71ef5ad0ac3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| crisppennygiggle.com/watch.908198848862.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 crisppennygiggle.com/watch.908198848862.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: crisppennygiggle.com | Fingerprint: 8F:53:50:A2:52:F5:0D:CA:5A:3F:AF:16:3E:6E:0F:F2:47:24:AD:8B | Validity: Wed, 24 Apr 2024 14:54:12 GMT - Tue, 23 Jul 2024 14:54:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.908198848862.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: crisppennygiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://crisppennygiggle.com/watch.908198848862.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=577d95da8a1e7e08941adf61913234623dad442fa77b42d18c6e4d9ec839455eaa2fe6155ac5a294e46b48fdc36a931cc1561b733d1f06d9ddbd3cd86365508b598c7ececeaac5429c4a247dd6679836a8c5b407d0b2f2340110bfba19&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1
Set-Cookie: u_pl=17566676; expires=Fri, 26 Apr 2024 08:33:24 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw; expires=Thu, 25 Apr 2024 08:34:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e7d73dfc881e918800708f0024fb3dd
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png | 45.133.44.10 | 200 OK | 56 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png | IP: 45.133.44.10:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced | Hash: 231d615f0b920b0f0c8758342141193b ca68f0f6e4c9124bbe61c49d789d0447076b0332 3e24999c26c1c68485e879756ea30639ccee4d7f30f1e2c0e5190818cbab8996
GET /cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:33:24 GMT
content-type: image/png
content-length: 56505
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:14:41 GMT
etag: "61080be1-dcb9"
expires: Sat, 27 Apr 2024 08:33:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| crisppennygiggle.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 192.243.59.20 | 200 OK | 16 kB |
URL: GET HTTP/1.1 crisppennygiggle.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: crisppennygiggle.com | Fingerprint: 8F:53:50:A2:52:F5:0D:CA:5A:3F:AF:16:3E:6E:0F:F2:47:24:AD:8B | Validity: Wed, 24 Apr 2024 14:54:12 GMT - Tue, 23 Jul 2024 14:54:11 GMT
File type: JavaScript source, ASCII text, with very long lines (44118), with no line terminators | Hash: 3f6233f954f4040b6fa3340fab67f692 d8104bd838dc7e6484364c4d883cff45786409df eb9237237f6ac930052db65bce31598a6e50ba27d0c9a71ea4d30501790cb8f7
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: crisppennygiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28e004668f6aad2eda8635718db1973c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png | 45.133.44.10 | 200 OK | 45 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png | IP: 45.133.44.10:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced | Hash: dbde2854f2a693ab43a1ee72cdf0c686 820bc6fb6d40db1cdc8b9a214d4a8b1138f2e3fa aa648c4116a815deb4a006ed29f17342ccdb8c0d2ca863b54aa2517e1ed88641
GET /cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:33:25 GMT
content-type: image/png
content-length: 45371
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:13:41 GMT
etag: "61080ba5-b13b"
expires: Sat, 27 Apr 2024 08:33:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| officerdiscontentedalley.com/watch.102295541708.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 192.243.59.13 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 officerdiscontentedalley.com/watch.102295541708.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | IP: 192.243.59.13:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: officerdiscontentedalley.com | Fingerprint: FD:63:9F:F3:B9:2C:0F:20:0E:D5:E3:96:9A:44:6D:F8:9C:C3:92:83 | Validity: Wed, 24 Apr 2024 15:16:37 GMT - Tue, 23 Jul 2024 15:16:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.102295541708.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&tz=0&dev=e&res=14.2071&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: officerdiscontentedalley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:25 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://officerdiscontentedalley.com/watch.102295541708.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034065&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=e752af9a8272488891deb6909af139470efd32926cb9d0c6a8409355f913b4049a51858841b63bd99658278f6528deb5c5c4d1610efd1c4ebb2b78b303a16a81e2985c2b390d2263da59aa1b9aff9096da0b93fc06ba5e20acc938fbf4cf&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1
Set-Cookie: u_pl=17566676; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw; expires=Thu, 25 Apr 2024 08:34:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90f8d0b86c224fbece79e8ec55d5b792
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| crisppennygiggle.com/watch.908198848862.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=577d95da8a1e7e08941adf61913234623dad442fa77b42d18c6e4d9ec839455eaa2fe6155ac5a294e46b48fdc36a931cc1561b733d1f06d9ddbd3cd86365508b598c7ececeaac5429c4a247dd6679836a8c5b407d0b2f2340110bfba19&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 192.243.59.20 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 crisppennygiggle.com/watch.908198848862.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=577d95da8a1e7e08941adf61913234623dad442fa77b42d18c6e4d9ec839455eaa2fe6155ac5a294e46b48fdc36a931cc1561b733d1f06d9ddbd3cd86365508b598c7ececeaac5429c4a247dd6679836a8c5b407d0b2f2340110bfba19&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: crisppennygiggle.com | Fingerprint: 8F:53:50:A2:52:F5:0D:CA:5A:3F:AF:16:3E:6E:0F:F2:47:24:AD:8B | Validity: Wed, 24 Apr 2024 14:54:12 GMT - Tue, 23 Jul 2024 14:54:11 GMT
File type: JavaScript source, ASCII text, with very long lines (2432) | Hash: e532f20ef9457d1e4ef3ca71536673c9 8a290430cbdac57f7807bf350ccfbd11f402a38c 259595673111dc58218a255a76b16ebe565f8c27604863840f91820df767d874
GET /watch.908198848862.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034064&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=577d95da8a1e7e08941adf61913234623dad442fa77b42d18c6e4d9ec839455eaa2fe6155ac5a294e46b48fdc36a931cc1561b733d1f06d9ddbd3cd86365508b598c7ececeaac5429c4a247dd6679836a8c5b407d0b2f2340110bfba19&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: crisppennygiggle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.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.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=dd79b6cf-6983-4388-9a58-1b8c4e37f968:2:1; expires=Thu, 02 May 2024 08:33:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
uncs=1; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5111aedf8e3e1110233d97bfdfc01837
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/a0/a3/cc/a0a3cca38b4b0492063c567e97e9aea3/1707890399.png | 45.133.44.10 | 200 OK | 15 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/a0/a3/cc/a0a3cca38b4b0492063c567e97e9aea3/1707890399.png | IP: 45.133.44.10:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: cdn.cloudimagesb.com | Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 | Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced | Hash: 837a7b801be9663e0c6993bb82f4aab8 c6aa8633a4855d962e19c503e648c65ddc3f2ddf 9893e110964b4f5a1e6c172e1a93e41dbddafdc77f2df54d7461fac5c12302d0
GET /cti/a0/a3/cc/a0a3cca38b4b0492063c567e97e9aea3/1707890399.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:33:25 GMT
content-type: image/png
content-length: 15233
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 06:00:09 GMT
etag: "65cc56e9-3b81"
expires: Sat, 27 Apr 2024 08:33:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| officerdiscontentedalley.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | 192.243.59.13 | 200 OK | 16 kB |
URL: GET HTTP/1.1 officerdiscontentedalley.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js | IP: 192.243.59.13:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | Certificate Issuer: Let's Encrypt | Subject: officerdiscontentedalley.com | Fingerprint: FD:63:9F:F3:B9:2C:0F:20:0E:D5:E3:96:9A:44:6D:F8:9C:C3:92:83 | Validity: Wed, 24 Apr 2024 15:16:37 GMT - Tue, 23 Jul 2024 15:16:36 GMT
File type: JavaScript source, ASCII text, with very long lines (44078), with no line terminators | Hash: df1d75c6035d880fe40b62b728522a6a 0bbd3efc665762ee6575818019c194ba3774fd83 ec41dab797992076daa160bbb3af29fb3ce78b1456ad4c430d3806b42059e9e7
GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: officerdiscontentedalley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: adad00fe49b8babc75d2d0444ccd7ecc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| officerdiscontentedalley.com/watch.102295541708.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034065&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=e752af9a8272488891deb6909af139470efd32926cb9d0c6a8409355f913b4049a51858841b63bd99658278f6528deb5c5c4d1610efd1c4ebb2b78b303a16a81e2985c2b390d2263da59aa1b9aff9096da0b93fc06ba5e20acc938fbf4cf&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 | 192.243.59.13 | 200 OK | 2.0 kB |
URL GET HTTP/1.1officerdiscontentedalley.com/watch.102295541708.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034065&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=e752af9a8272488891deb6909af139470efd32926cb9d0c6a8409355f913b4049a51858841b63bd99658278f6528deb5c5c4d1610efd1c4ebb2b78b303a16a81e2985c2b390d2263da59aa1b9aff9096da0b93fc06ba5e20acc938fbf4cf&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerLet's Encrypt Subjectofficerdiscontentedalley.com FingerprintFD:63:9F:F3:B9:2C:0F:20:0E:D5:E3:96:9A:44:6D:F8:9C:C3:92:83 ValidityWed, 24 Apr 2024 15:16:37 GMT - Tue, 23 Jul 2024 15:16:36 GMT
File typeJavaScript source, ASCII text, with very long lines (2462) Hash9074cfc837c83700771b985ec41ad3c1 589a315829a0f7882b1f8fd734622480e98c7f97 cf4a3b008a8da7023a35d928e42bfc9c0216dd8e3f67fd5190aadeb84d0c9c5c
GET /watch.102295541708.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1714034065&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3D626D543537C51C37AEB428B3400D0A3F&res=14.2071&rmtc=t&shu=e752af9a8272488891deb6909af139470efd32926cb9d0c6a8409355f913b4049a51858841b63bd99658278f6528deb5c5c4d1610efd1c4ebb2b78b303a16a81e2985c2b390d2263da59aa1b9aff9096da0b93fc06ba5e20acc938fbf4cf&tz=0&uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1 HTTP/1.1
Host: officerdiscontentedalley.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.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.DlgSPYejrjyxv6Dc5V936adPkU0GsJAeqjM_p7dG1Sw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 08:33:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=dd79b6cf-6983-4388-9a58-1b8c4e37f968:2:1; expires=Thu, 02 May 2024 08:33:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
uncs=1; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 26 Apr 2024 08:33:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a20714b5d54f9627137ff42222920495
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| capaciousdrewreligion.com/advertisers.js | 172.240.108.76 | 200 OK | 0 B |
URL GET HTTP/1.1capaciousdrewreligion.com/advertisers.js IP172.240.108.76:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerLet's Encrypt Subjectcapaciousdrewreligion.com Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:25 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 961a1e6b8208fce87d9677b3bc74c2ec
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.cloudimagesb.com/cti/fd/36/c9/fd36c98b33bae60ac085b715afd7d8fc/1707890422.png | 45.133.44.10 | 200 OK | 18 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/fd/36/c9/fd36c98b33bae60ac085b715afd7d8fc/1707890422.png IP45.133.44.10:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced Hash22dbc90cc228238c2eda3411c5a94f2d e649af6121cf06a0214e03df6cb97da3f5305d03 3df7322db0809e1f32259d18cfb69e77465e690272a645c4af6776975463c08e
GET /cti/fd/36/c9/fd36c98b33bae60ac085b715afd7d8fc/1707890422.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:33:25 GMT
content-type: image/png
content-length: 17907
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 06:00:32 GMT
etag: "65cc5700-45f3"
expires: Sat, 27 Apr 2024 08:33:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 28 kB |
URL GET HTTP/3downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:25 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 97283973b67770b770277e7e38169c15
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 25 Apr 2024 08:33:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rN5fReIjnDF%2B45Zc4zVr74rPI0Cm6KHSslUFyb%2Bc11ZJgvSNxGm5OuUGTH6yMPedGL1gjCrGk1wWWuTbJHdySlfge7RaHxG1%2FnA7%2FmE9CO6erON4Yyi%2BhjLMXEZeeqV2PR7DS5KOh4z0OJ3MoxQfbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfcf3e93f56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| libgen.li/img/favicon.ico | 104.21.57.230 | 200 OK | 611 B |
URL GET HTTP/3libgen.li/img/favicon.ico IP104.21.57.230:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerGoogle Trust Services LLC Subjectlibgen.li Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4 ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File typeMS Windows icon resource - 1 icon, 32x32, 8 bits/pixel Hash1aae1c5c5b27e6d63ba2e0a8d596760e 2a8294e38dfc9474d869e05d2a9a42dcccfe3066 d3910a9bd312389bd76df879ad74c7c5f596b1056f1d86d537b6451738c61390
GET /img/favicon.ico HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6; dom3ic8zudi28v8lr6fgphwffqoz0j6c=dd79b6cf-6983-4388-9a58-1b8c4e37f968%3A2%3A1; pp_main_d53e2728a6de1b6d59e60f5833fa9c3f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:25 GMT
content-type: image/x-icon
last-modified: Mon, 13 May 2013 20:56:22 GMT
etag: W/"51915376-8be"
expires: Sun, 28 Apr 2024 11:39:24 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 334441
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZKIpitIq3k3mpJsVXYwqP999ufFI9HvsbquFx7BzAiva%2B70UGF92kKOujgCiYwnH5b4ZqyybViWLYlbLCU4i2hZerAZnJEXwRr9RQZ4FIIR0fBECRYZjiUG%2BaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfcf5eb52b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 | 172.240.108.76 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 IP172.240.108.76:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 04a33ff4f6f0e25cea534c165ac65ef9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.57.230 | 200 OK | 1.2 kB |
URL GET HTTP/3libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP104.21.57.230:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerGoogle Trust Services LLC Subjectlibgen.li Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4 ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:23 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5rWfKBZnuQz6MjfFLiEZxNZJVWxoK9pP0CINHakzZVWWrqh1R0TaBCxr%2F0%2FNCNws2o3wuysGRHZ6bUYTG35Njq27fH64to99pSyS3uYcGAqsDZA2AvUnmR%2FTD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfce78c63b4f9-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 27 Apr 2024 08:33:23 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| libgen.li/js/form-validation.js | 104.21.57.230 | 200 OK | 686 B |
URL GET HTTP/3libgen.li/js/form-validation.js IP104.21.57.230:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerGoogle Trust Services LLC Subjectlibgen.li Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4 ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File typeJavaScript source, ASCII text, with very long lines (707), with no line terminators Hash9b49fb891557236d80c4823d110ee45b 3cfdb12d1dc761ca69c01f5387795358b20ba6ff 3d4aa7a6338cdd568ef532bcb206dbaadd1c060cdf3873819b7f8fe242bf804c
GET /js/form-validation.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:23 GMT
content-type: application/javascript
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
etag: W/"5f859e98-2ae"
expires: Tue, 30 Apr 2024 14:58:57 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 149666
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYQOwS31a6VdQco5HI5ydORwU43l9fetKNggThD0H%2FSWL%2FBTxTvEBk0MyXK%2FbB7DWXMyAzfVmhkfutfWSDzR74eXFrfYztn3x0XYtxBkXLzotA87yLcZQoUHgdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfce78c6ab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 | 172.240.108.76 | 200 OK | 0 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 IP172.240.108.76:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 100c6be7a8ad6993458654c49bdbdd6d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| libgen.li/js/popper.min.js | 104.21.57.230 | 200 OK | 19 kB |
URL GET HTTP/3libgen.li/js/popper.min.js IP104.21.57.230:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerGoogle Trust Services LLC Subjectlibgen.li Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4 ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File typeJavaScript source, ASCII text, with very long lines (19015) Hashc2457ff14b8092f06f6d6610b202ec7f 6465bce461e777d6871c2d8dead3f6cfbbfab664 c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591
GET /js/popper.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:23 GMT
content-type: application/javascript
last-modified: Sun, 16 May 2021 04:13:40 GMT
etag: W/"60a09bf4-4ace"
expires: Tue, 30 Apr 2024 14:58:57 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 149666
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4kXaABR0OrvzEx%2Bqz22tmlw3TS71cGTJTM%2FOdHXXUb1RvCyAfiHiwRhAr%2BZ0P7FL3a5jP3P6fvNia51QFYQsKv8y3Z8MNo%2F7opVVZFWz44ETipGAp1gOxcUKZaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfce78c64b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| libgen.li/js/dark-mode-switch.js | 104.21.57.230 | 200 OK | 2.9 kB |
URL GET HTTP/3libgen.li/js/dark-mode-switch.js IP104.21.57.230:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerGoogle Trust Services LLC Subjectlibgen.li Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4 ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File typeASCII text, with very long lines (3093), with no line terminators Hash196aaac6d47aecd9d378dce8825bad01 58b461baec6e549363b6bd2aea647177517a5852 7dd40ed03fc6c57f4863e34f5f67f9f7dc2a5f5ebc2e0b627f32fb9176b56b76
GET /js/dark-mode-switch.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:23 GMT
content-type: application/javascript
last-modified: Sat, 22 May 2021 16:34:13 GMT
etag: W/"60a93285-b75"
expires: Tue, 30 Apr 2024 14:53:27 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 149996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O33IYgohBsG9fgp%2BkycDS94n%2Fmcny%2FmdAU2D0I%2FlV7sNVypK%2BNAPdWRD74g1ilBrx6TZ9G5KAG9Q%2BZIms3sPn2JWb0mvEZ0K0p8n8wcp8IAK6nucrz52werDssY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879cfce78c61b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 | 172.240.108.76 | 200 OK | 0 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 IP172.240.108.76:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=dd79b6cf-6983-4388-9a58-1b8c4e37f968&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 08:33:26 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abf6b8c8473bd7861c4c7a2c5f2f1148
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| libgen.li/css/font.min.css | 104.21.57.230 | 200 OK | 9.7 kB |
URL GET HTTP/3libgen.li/css/font.min.css IP104.21.57.230:443
Requested byhttps://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F CertificateIssuerGoogle Trust Services LLC Subjectlibgen.li Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4 ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
File typeASCII text, with very long lines (10506), with no line terminators Hash9e2ef5e40b8f39925c1c66bc9d92f5e7 7c3f02611f7535813f99923ce89ba2b5bee52634 368673b259231ff90a35ee7131c51db777f36db5b39b2c0c4ce60423d0ca1687
GET /css/font.min.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F
Cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 08:33:23 GMT
content-type: text/css
last-modified: Wed, 09 Jun 2021 18:13:05 GMT
vary: Accept-Encoding
etag: W/"60c104b1-25d7"
expires: Tue, 30 Apr 2024 14:53:27 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 149996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zElMkRCX%2F4ItOkUWdKvgyc7Ycd6yzzoCJTub3rGvgxri9WDXoL6quWez3DACumF2qBOjoLrdG5noCeoXS4%2Bw%2B97f23zgt9TPJsA88DBh1%2Bf5kAYf5xi8%2BJVUWQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879cfce77c4ab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F | 104.21.57.230 | 200 OK | 21 kB |
URL User Request GET HTTP/2libgen.li/ads.php?md5=626D543537C51C37AEB428B3400D0A3F IP104.21.57.230:443
CertificateIssuerGoogle Trust Services LLC Subjectlibgen.li Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4 ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads.php?md5=626D543537C51C37AEB428B3400D0A3F HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 08:33:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=gq6rkhsqnfophfb91p21frmeo6; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CmU795jIkZpBJl%2FAelw0l0tRibLQOLo69bS5MPdfQ%2FGMyAeL2RjwrlnwAo5ah0WXtmw3lRCIfWup%2Bp4WkSW5iHlwCDwCXqZTRST9lb%2FFmSQcWQDTrbYFd5yc6%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879cfcdd4f311c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|