Overview

URL libgen.lc/ads.php?md5=2DDFBB18E5C985F5EE091D4900531F87
IP 89.248.170.56 (Netherlands)
ASN #202425 IP Volume inc
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-28 15:31:54 UTC
IDS alerts 0
Blocklist alert 6
urlquery alerts No alerts detected
Tags None

Domain Summary (19)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (13) 344 No data No data 23.36.76.226
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:46:10 UTC 34.117.237.239
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.42
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
simplewebanalysis.com (2) 0 2022-02-25 04:06:25 UTC 2022-11-28 05:14:23 UTC 52.28.211.11 Unknown ranking
soldierreproduceadmiration.com (1) 0 2022-11-16 05:50:11 UTC 2022-11-28 09:40:55 UTC 173.233.139.164 Unknown ranking
libgen.lc (2) 649669 2019-08-23 13:38:49 UTC 2022-11-28 15:10:33 UTC 89.248.170.56
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
tissuecameallowing.com (2) 0 2022-11-20 12:36:11 UTC 2022-11-27 23:22:00 UTC 173.233.137.36 Unknown ranking
whiskerssituationdisturb.com (2) 0 2022-11-15 09:13:25 UTC 2022-11-28 07:43:12 UTC 192.243.59.13 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.214.236.46
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
banquetunarmedgrater.com (1) 0 2022-08-04 15:12:50 UTC 2022-11-28 06:51:21 UTC 192.243.59.13 Unknown ranking
libgen.rocks (1) 49221 2021-08-21 07:52:58 UTC 2022-11-27 18:41:30 UTC 104.21.68.171
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
cdn.cloudimagesb.com (1) 23099 2022-10-07 08:01:31 UTC 2022-10-08 10:27:40 UTC 45.133.44.9

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-28 2 tissuecameallowing.com Sinkholed
2022-11-28 2 tissuecameallowing.com Sinkholed
2022-11-28 2 soldierreproduceadmiration.com Sinkholed
2022-11-28 2 whiskerssituationdisturb.com Sinkholed
2022-11-28 2 banquetunarmedgrater.com Sinkholed
2022-11-28 2 whiskerssituationdisturb.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 89.248.170.56
Date UQ / IDS / BL URL IP
2023-01-22 16:12:06 +0000 0 - 0 - 10 libgen.lc/ads.php?md5=ED872427AD37F70D428B9AD (...) 89.248.170.56
2023-01-19 16:11:44 +0000 0 - 0 - 9 libgen.lc/ads.php?md5=BFF855238D78E1E46504A80 (...) 89.248.170.56
2023-01-19 03:52:24 +0000 0 - 0 - 10 libgen.lc/ads.php?md5=043380726004D792D56D0CF (...) 89.248.170.56
2023-01-19 03:52:07 +0000 0 - 0 - 5 libgen.lc/ads.php?md5=043380726004D792D56D0CF (...) 89.248.170.56
2023-01-18 23:33:29 +0000 0 - 0 - 6 libgen.lc/ads.php?md5=34350ECE0EEF14182AF2A2E (...) 89.248.170.56


Last 5 reports on ASN: IP Volume inc
Date UQ / IDS / BL URL IP
2023-02-05 16:29:56 +0000 0 - 0 - 1 gamefabrique.com/download/genesis/jungle_book.exe 89.248.171.137
2023-02-05 16:29:51 +0000 0 - 0 - 3 gamefabrique.com/download/genesis/sonic_the_h (...) 89.248.171.137
2023-02-05 16:29:51 +0000 0 - 0 - 1 gamefabrique.com/download/nes/bomberman.exe 89.248.171.137
2023-02-05 16:29:49 +0000 0 - 0 - 1 gamefabrique.com/download/genesis/double_drag (...) 89.248.171.137
2023-02-05 16:29:48 +0000 0 - 0 - 3 gamefabrique.com/download/genesis/fun_n_games.exe 89.248.171.137


Last 5 reports on domain: libgen.lc
Date UQ / IDS / BL URL IP
2023-01-22 16:12:06 +0000 0 - 0 - 10 libgen.lc/ads.php?md5=ED872427AD37F70D428B9AD (...) 89.248.170.56
2023-01-19 16:11:44 +0000 0 - 0 - 9 libgen.lc/ads.php?md5=BFF855238D78E1E46504A80 (...) 89.248.170.56
2023-01-19 03:52:24 +0000 0 - 0 - 10 libgen.lc/ads.php?md5=043380726004D792D56D0CF (...) 89.248.170.56
2023-01-19 03:52:07 +0000 0 - 0 - 5 libgen.lc/ads.php?md5=043380726004D792D56D0CF (...) 89.248.170.56
2023-01-18 23:33:29 +0000 0 - 0 - 6 libgen.lc/ads.php?md5=34350ECE0EEF14182AF2A2E (...) 89.248.170.56


No other reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (1)
#1 JavaScript::Eval (size: 2062) - SHA256: e5426c243e3e4bc27b69d81948450f0c70b4bd9f0b0c96c74e710755e71abf53
               (function() {
                   var bn;
                   if (bn = document.getElementById('atLink-e445fc5fceeb52489a652f9894c20087')) {
                       var callback = function() {
                           (new Image()).src = '//whiskerssituationdisturb.com/clk.gif?landing_id=3569808&placement_id=17566676&sid=H4sIAAAAAAAC%2F1RTTYscVRe%2BleR9X17iJiKIqNALFwrOzK3vKoOIMUaCMQn5IOv72XOd6qri3qquzqyCEQmueqm7mmcmGT%2BCmB8gSo8bDQhpAzIL5z%2BIEFxKTwZaz%2BKe85znLp7n3HM%2F2WoPCEXL9i9%2FUG2aomBr8SodvHrDlLLq3ODitYFPV%2BnpwQ1TJtHpwWRx2PEbPo1X6WuD95TYqNYC6lPqU39wzlilq8naIQtT38%2F91ZyuRsGqH0eY2H9j13pwzIMcH5BnYeT8P%2Bs%2FPYARM5Sjb88qt9FU9evvjtqCNZXFWO5eLzfKqisxWpbaetDl7tFtVG5OyGfHUJW7Rw5QjXcWDsDNnHi%2F%2BeDl7pFM8PHdp0p5AVWCy5PoxjOoYg%2BGzSCq2zDyEQGExMVLKEf3Lla2YzefsmzBzsmJJ3%2FCdHNy4vfnUI6%2BOVOYyeBqVbSNqUqHie5hJjOY4Qx1u4dm04Pp9iCaj2DkL2TtyQWUo51Lrqhg5P4rPs8SEUu5kuYqW4koTVZyQbOVLPSl4qkSLMkPR2TMDEbPUKgpmDuO1nlojYdWe2hrDyO5P2BxrilNNddhmEVCiDAUIs4SGcswyjRFKxYepmjqKUQxhbC3UNtb2DBT2PYHuPX9LyKlhB9pRZnIqNI818oPmWZUhCqmiqpMBQETSgeCsVBpHvoiFTyOdOqnCU3TWOo0DnmeBDxlMpIyFiJluUi00FqFfqCzMEzijPKMpUEm%2FFyKJOM6lT6liYyCKAkiGiQ5D6Is0TwJWZzzPAmjLIhzloUBX0wNTnpwDcFY9ugUQecIOkbQGYKuIejG%2FV1ZuMD192ThWu4f5eAoh%2F121Qy32N2qGaqSbNUH5NTihb1nTj7GhtofqCiKtYi1UIrHQZTlLIkDnWd5JAJKsxTO9DDuGJjzsGnm5OXvr6M2c%2FK%2FP06Bsz24Yg%2FCvAjWPg%2FWbadBBraOnGKzvF8YPlTlqq3EhoOsetTNCTQ3va3igLxwuGjJZAolHpKjgLA9atvjQ%2FMjwbC4s32l6sjOlapz5MGlujEjs8kWS3i1YY3671fvq5tdZeX5s2765dtiQSzK%2B9eUay6wUppy6MjXZ4yUyp6rrFDku%2FPuhuKXW7d%2BprVlW1%2B4%2FM6586PaKudMVc7AzCP1M4SZk%2F9%2F%2Bubh93rp879g7Ay27TFql0pNtQdR34Krlz1XEdhiiXlN0LX9tg34slkYgkItMeM93D8wX9Zb7g6G1gNrbqMc9RjbHuOiByumcO3x7aa2D9%2F6NTwM8MLb5oUlO7ywC97sDzKexzrXSZyJNNVhkNA4plJmmmvGacTRuLn4%2BDH7GwAA%2F%2F8BAAD%2F%2F8nNK64xBQAA&psid=';
                       };
                       if (bn.addEventListener) bn.addEventListener('click', callback, false);
                       else if (bn.attachEvent) bn.attachEvent('onclick', callback);
                       else bn.onclick = callback;
                   }
               })();

Executed Writes (1)
#1 JavaScript::Write (size: 120) - SHA256: eec618eac4a9638dad6679dd10b46a6ba923dd0a991c3ebe5639003d488f90c5
<script type="text/javascript" src="https://tissuecameallowing.com/e445fc5fceeb52489a652f9894c20087/invoke.js"></script>


HTTP Transactions (45)


Request Response
                                        
                                            GET /ads.php?md5=2DDFBB18E5C985F5EE091D4900531F87 HTTP/1.1 
Host: libgen.lc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         89.248.170.56
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 28 Nov 2022 15:31:43 GMT
Content-Length: 164
Connection: keep-alive
Location: https://libgen.lc/ads.php?md5=2DDFBB18E5C985F5EE091D4900531F87


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   164
Md5:    813f9846b49c0ada805648edf1b2fdbd
Sha1:   caa24890460f73e6a72bb49426351e67e83b053d
Sha256: 8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6145
Expires: Mon, 28 Nov 2022 17:14:08 GMT
Date: Mon, 28 Nov 2022 15:31:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5041
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 15:31:43 GMT
Last-Modified: Mon, 28 Nov 2022 14:07:42 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4115
Expires: Mon, 28 Nov 2022 16:40:18 GMT
Date: Mon, 28 Nov 2022 15:31:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 15:17:48 GMT
cache-control: public,max-age=3600
age: 835
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: WiUV9IAQhZDpcU5YDsXrBPJ9tcB6++xbW7LCze4BCvRcs6m1CFVsOdLtjwaqEVSFX9Gs4NRBRa0=
x-amz-request-id: BJJ1PK5JS9X2XG2A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 14:42:06 GMT
age: 2977
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "399B51F32A95EB15FE51AF7AA48F3675D9FA0E1C03EBE001883C117FDDDD809F"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2701
Expires: Mon, 28 Nov 2022 16:16:44 GMT
Date: Mon, 28 Nov 2022 15:31:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 15:31:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ads.php?md5=2DDFBB18E5C985F5EE091D4900531F87 HTTP/1.1 
Host: libgen.lc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         89.248.170.56
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 28 Nov 2022 15:31:43 GMT
Content-Length: 164
Connection: keep-alive
Location: https://libgen.rocks/ads.php?md5=2DDFBB18E5C985F5EE091D4900531F87


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   164
Md5:    813f9846b49c0ada805648edf1b2fdbd
Sha1:   caa24890460f73e6a72bb49426351e67e83b053d
Sha256: 8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6025
Cache-Control: max-age=129826
Date: Mon, 28 Nov 2022 15:31:43 GMT
Etag: "638414f8-116"
Expires: Wed, 30 Nov 2022 03:35:29 GMT
Last-Modified: Mon, 28 Nov 2022 01:55:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6025
Cache-Control: max-age=129826
Date: Mon, 28 Nov 2022 15:31:43 GMT
Etag: "638414f8-116"
Expires: Wed, 30 Nov 2022 03:35:29 GMT
Last-Modified: Mon, 28 Nov 2022 01:55:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.rocks
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 28 Nov 2022 15:31:43 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669649503.dop069.sk1.t,1669649503.cds232.sk1.hn,1669649503.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.rocks
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 15:31:43 GMT
age: 19310968
x-served-by: cache-fra19179-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65299)
Size:   21785
Md5:    151629f36761d6fb6d0e0330239884a6
Sha1:   ebb9c30e5565793e2767735f0647bdf26fed4ab5
Sha256: 53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
                                        
                                            GET /npm/bootstrap@4.5.3/dist/js/bootstrap.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.rocks
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 15:31:43 GMT
age: 7662185
x-served-by: cache-fra19126-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14911
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (62961)
Size:   14911
Md5:    77e609884bec4ce70818ff2f431da120
Sha1:   b4f502d2e81b51d2e7b2eb1895b14df999f65385
Sha256: aeceffe4918ebf706c006751bc123618a5ebbeabbad4e8c70fd6e9217d60f613
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 15:31:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A3F5134A5633175384693416C777F3C7763EA2B6"
Expires: Tue, 29 Nov 2022 03:00:00 GMT
Last-Modified: Mon, 28 Nov 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1409
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771426f7aea50b06-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    b78715279b0d13ebf955aec6c80bbedc
Sha1:   7974463ffafe3c867ba38589b878b594ca56b559
Sha256: 9c640d302916e5d941c3eee1ebf81ec2ae5e1ee4838915b5d7dd03116d3bf5c8
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 15:11:12 GMT
cache-control: public,max-age=3600
age: 1232
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2194
Cache-Control: max-age=151905
Date: Mon, 28 Nov 2022 15:31:44 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:43:29 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9BD6836C54E54FBAD0A737C5BA62ACA283584DA402C94FFE2314D7399383399F"
Last-Modified: Sat, 26 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2394
Expires: Mon, 28 Nov 2022 16:11:38 GMT
Date: Mon, 28 Nov 2022 15:31:44 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JcDnUxDaIJjMtZO5MOjTdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.214.236.46
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jRXLV/TCUB1cV+JY4XoyWzkkjqU=

                                        
                                            GET /d5/3e/27/d53e2728a6de1b6d59e60f5833fa9c3f.js HTTP/1.1 
Host: tissuecameallowing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 15:31:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f81b5c22957ce373806a7d3478417dc2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (60175), with no line terminators
Size:   20709
Md5:    8650aff1f0a6f6ea15eb3d573f6bbedc
Sha1:   abef778a9e8e76aa50a974359cf081f914703165
Sha256: 184bc7987503710da3ac822841ac06d7ac863ec60301699c756b0a6f8f95b7bc

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1 
Host: tissuecameallowing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 15:31:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf55e16b995ba21518a6f84d3efc77bc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (26997), with no line terminators
Size:   9811
Md5:    c6c3527bdc4cb6f02a2673b83dfe7bb5
Sha1:   bef54863c19d898032e631a295829b561b6ed3d0
Sha256: b0769307a2e7f9424a19642b9f2a7bca8193595015a79a8beff96c082973295d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167162
Date: Mon, 28 Nov 2022 15:31:44 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 13:57:46 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _ItCEUzQLP6kHLuGnWFqHHUiJOXwCAlJi-YrimzMyQLs3wXDI7DwRg==
Age: 1604

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.rocks
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 28 Nov 2022 15:31:44 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://libgen.rocks
access-control-allow-credentials: true
set-cookie: uid_id2=6df298ac-fea5-4a6f-911b-27b2a74976e9:1:1; expires=Thu, 25 Nov 2032 15:31:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    07019aa47495694767649464eb6f2693
Sha1:   bef704edf067eab7160717280b08e8fb56cc1ad4
Sha256: ab0197e419aefa066ab0a1a2135e347144927d682be837d476147bfa8fa40259
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.rocks
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 28 Nov 2022 15:31:44 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://libgen.rocks
access-control-allow-credentials: true
set-cookie: uid_id2=1b86c5dd-79e8-4006-9c08-831deb7eca69:3:1; expires=Thu, 25 Nov 2032 15:31:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    e5db9f25b6e5a2fdca855bd5a54adfa9
Sha1:   eb3a844333921a49467b92f9e0ae29e207a81c05
Sha256: a0e04ad03195b5cdb2a09cee29412eaf8edfc178491ebabb450123fe626077dd
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22858E9448A4590F70B22BAAC41375DF68A051B683252D7E4F643B2A007F5D82"
Last-Modified: Sun, 27 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3867
Expires: Mon, 28 Nov 2022 16:36:12 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=1694&rd=1694&fd=888&bv=22.10.v.9&tmpl=70 HTTP/1.1 
Host: soldierreproduceadmiration.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.139.164
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 15:31:45 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C6EE1C60F9A854653DE37238F7E791A9DFEE4C8B5B64398C19354417B4D69151"
Last-Modified: Sat, 26 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8610
Expires: Mon, 28 Nov 2022 17:55:15 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CC3953BCFF0F9AAEB59B71E15C8B72BCAC9D94FF203EECCBF159B40CF38521E9"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3282
Expires: Mon, 28 Nov 2022 16:26:27 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            GET /watch.1382756024080.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D2DDFBB18E5C985F5EE091D4900531F87&tz=0&dev=e&res=12.1055&uuid=1b86c5dd-79e8-4006-9c08-831deb7eca69%3A3%3A1 HTTP/1.1 
Host: whiskerssituationdisturb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.rocks
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         192.243.59.13
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html
                                        
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 15:31:45 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.rocks
Access-Control-Allow-Origin: https://libgen.rocks
Access-Control-Allow-Credentials: true
Location: https://whiskerssituationdisturb.com/watch.1382756024080.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D2DDFBB18E5C985F5EE091D4900531F87&tz=0&dev=e&res=12.1055&uuid=1b86c5dd-79e8-4006-9c08-831deb7eca69%3A3%3A1&shu=4eec14fe0ac80efb9fe13afa0c3e50e0e8e22acef2caa3efb31c7cb54f71760775df753b962b7ad4dd5cc7a9c6fcffe312f8336580b8a728c19dc68bf7d1006d4246240269b2486fb63a59b96348259a832b1b86&pst=1669649565&rmtc=t
Set-Cookie: u_pl=17566676; expires=Tue, 29 Nov 2022 15:31:45 GMT; secure; SameSite=None ain=eyJhbGciOiJIUzI1NiJ9.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.CkzbPgwZ_aqD2wd97t0zI0AAlATYFpZBF31BAj_CdRs; expires=Mon, 28 Nov 2022 15:32:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a36ae264e16814f53e18ba97e089cd36
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Mon, 28 Nov 2022 18:34:08 GMT
Date: Mon, 28 Nov 2022 15:31:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 63029
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 63602
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 26406
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8885
Md5:    3a1a4e00f1f15827cf651f373863c379
Sha1:   70c2a238f06ca7e56ef80c83738e081bf0de3330
Sha256: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qtRAIXoswvTgNWZzaQE1WHZQXoJRtK9nKpusFtXH3pDRHH_DZtsLFw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:59:09 GMT
age: 12756
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10156
Md5:    78240337e6dcc9578121c660804c081d
Sha1:   073e16d81ff727735ddb42d1a907043ce9a45b29
Sha256: 8421ba0c56d7beb7ea5a379035a490ef95a39b0215b68d6cafa9dd27954c085b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:53:38 GMT
age: 63487
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8254
Md5:    6ee5071a31d351c552aa651e40b16189
Sha1:   6fca9136030ea6f67be44e428ea39c34ff3e28e7
Sha256: 8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 63019
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6376
Md5:    78b1389f425425d0450c94d900404dc4
Sha1:   53b12a8702f7c5b7cc697e2a24da824d9434be65
Sha256: 0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
                                        
                                            GET /advertisers.js HTTP/1.1 
Host: banquetunarmedgrater.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://libgen.rocks/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 15:31:45 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43bfc6d248706c15bb3a571a7e16aa27
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watch.1382756024080.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D2DDFBB18E5C985F5EE091D4900531F87&tz=0&dev=e&res=12.1055&uuid=1b86c5dd-79e8-4006-9c08-831deb7eca69%3A3%3A1&shu=4eec14fe0ac80efb9fe13afa0c3e50e0e8e22acef2caa3efb31c7cb54f71760775df753b962b7ad4dd5cc7a9c6fcffe312f8336580b8a728c19dc68bf7d1006d4246240269b2486fb63a59b96348259a832b1b86&pst=1669649565&rmtc=t HTTP/1.1 
Host: whiskerssituationdisturb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.rocks
Referer: https://libgen.rocks/
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7ICIyOCI6IjBlMjMxNDNmZTUwNTNhYTBhNzc5YmEyOTkzYzJhOGUxIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5yb2Nrcy9hZHMucGhwP21kNT0yRERGQkIxOEU1Qzk4NUY1RUUwOTFENDkwMDUzMUY4NyJ9fQ.CkzbPgwZ_aqD2wd97t0zI0AAlATYFpZBF31BAj_CdRs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         192.243.59.13
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 15:31:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.rocks
Access-Control-Allow-Origin: https://libgen.rocks
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=1b86c5dd-79e8-4006-9c08-831deb7eca69:3:1; expires=Mon, 05 Dec 2022 15:31:45 GMT; secure; SameSite=None iprc5553b6c8ef5d6ce1919e76dcdd75eed5=3569808; expires=Mon, 28 Nov 2022 19:31:45 GMT; secure; SameSite=None pdhtkv=true; expires=Tue, 29 Nov 2022 15:31:45 GMT; secure; SameSite=None uncs=1; expires=Tue, 29 Nov 2022 15:31:45 GMT; secure; SameSite=None pdhtkv23=true; expires=Tue, 29 Nov 2022 15:31:45 GMT; secure; SameSite=None uncs23=1; expires=Tue, 29 Nov 2022 15:31:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1b0d485c5efbaff41e2871d0233b9d3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (2598)
Size:   2067
Md5:    3f72439d27afb5c54ba8f8427deb4637
Sha1:   fc0792c7d661e1c59cf2082a4f28708cacfa5f94
Sha256: 72ec5454a06d3f0460d11be0e0e4ffc0f26c4d751be66daf7d077c353a36fd1a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7A8F5B295EE6B5263FD51CE81A12E0AA43B69A234FDA244B7C8AD9827569620C"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4073
Expires: Mon, 28 Nov 2022 16:39:39 GMT
Date: Mon, 28 Nov 2022 15:31:46 GMT
Connection: keep-alive

                                        
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

45.133.44.9
HTTP/2 200 OK
content-type: image/png
date: Mon, 28 Nov 2022 15:31:46 GMT
content-length: 105910
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Wed, 30 Nov 2022 15:31:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   105910
Md5:    a36b92bb68d9b579458560ba9b94862a
Sha1:   782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
Sha256: 9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
                                        
GET /ads.php?md5=2DDFBB18E5C985F5EE091D4900531F87 HTTP/1.1
Host: libgen.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

104.21.68.171
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 28 Nov 2022 15:31:43 GMT
set-cookie: adsenselg=show; expires=Mon, 28-Nov-2022 16:31:47 GMT; Max-Age=3600
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfqk6V7N7FkrkJPaJyXHbWxPofYV31GBMQnGBBeCkbp1xffRdxZwZeCGvI3Lv978VlfxktDYguXBFOhcZCD%2FH0zS9nUd9JdF9H2m98WEkDZfQ%2Bib3p1aZ6s6UmU8ky8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771426f53af10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---