Report - libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8

Report Overview

Submitted URL
libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
IP
104.21.57.230
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-24 22:49:05
Access
public
Website Title
Library Genesis
Final URL
libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-23	427 B	32 kB	151.101.194.137
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-24	1.4 kB	68 kB	151.101.193.229
pricklyachetongs.com	unknown	unknown	No data	No data	3.0 kB	22 kB	192.243.61.227
archedmagnifylegislation.com	unknown	unknown	No data	No data	3.0 kB	22 kB	192.243.61.227
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-24	419 B	416 B	35.158.46.84
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-24	822 B	57 kB	172.67.180.87
anewgallondevious.com	unknown	unknown	No data	No data	434 B	17 kB	172.240.127.234
thoroughlypantry.com	unknown	unknown	No data	No data	3.0 kB	22 kB	192.243.59.13
libgen.li	224851	unknown	2019-12-08	2024-04-14	5.3 kB	102 kB	172.67.193.122
contrarymeeting.com	unknown	2023-11-27	2023-12-01	2024-03-28	2.2 kB	83 kB	172.240.127.234
jumpedanxious.com	unknown	unknown	No data	No data	3.0 kB	22 kB	192.243.59.13
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-23	1.8 kB	244 kB	45.133.44.9
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-23	2.2 kB	1.3 kB	192.243.61.227
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-04-22	410 B	329 B	172.240.108.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	contrarymeeting.com	Sinkholed
2024-04-24	medium	contrarymeeting.com	Sinkholed
2024-04-24	medium	contrarymeeting.com	Sinkholed
2024-04-24	medium	contrarymeeting.com	Sinkholed
2024-04-24	medium	contrarymeeting.com	Sinkholed
2024-04-24	medium	unseenreport.com	Sinkholed
2024-04-24	medium	unseenreport.com	Sinkholed
2024-04-24	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	unknown	145 B	2023-03-07	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:04 Last Seen2024-05-03 17:58:53 Times Seen131 Hash d28888b01d7e31499c212a8824a00265 488712e15db00b5ee347f1eb283afe36e9f5607e 1b11e401afc0450bb5d4abe70fb81ec426143654cbe419e222dbd48686fac1fe Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-04
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-04 20:51:58 Times Seen2146 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-04
Pretty URL libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.193.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-04 20:57:58 Times Seen55933 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8	281 B	2024-04-25	2024-05-03
Pretty URL libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8 IP 172.67.193.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 00:49:12 Last Seen2024-05-03 17:58:53 Times Seen3 Hash c5f50d1b85772b7bc824d8808f1989ac 37846709158afcff5e04dab0aa9215dbd054574f 6539f0ce03f3f806db2eff74b69c48d943b590945d65f7d27482cbaa55f95f46 Loading...

	contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js	31 kB	2024-04-25	2024-04-25
Pretty URL contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:13 Times Seen2 Hash 9d37972eba4b1e187a1da0e72591dd5f 7279d67deab0c7b9041281642f185bed43bca1a0 c133507ae87744ee82464ea3e9cc644021d934ca8c4d24745a3ba4ed3899dd45 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js	84 kB	2023-03-07	2024-05-04
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-05-04 06:25:42 Times Seen7336 Hash 7f389f5d2622ce2090eca7c36bcb90bc ab27031159724e2421f6ff5c70f48e657abe9d39 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01 Loading...

	thoroughlypantry.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js	44 kB	2024-04-25	2024-04-25
Pretty URL thoroughlypantry.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:13 Times Seen2 Hash ed128af3119016c2ea1bc741c515eb63 d02f4d3f96e69bb482f45180d053201be0cbde64 6bdcb9e72c9885104c39594e85b611d743aa3312486b5abb0566eccb4d952da7 Loading...

	unknown	3.3 kB	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:12 Times Seen1 Hash e59c0980418fb5563df84dbbe4af3e04 527aa0ee81291644fe4e5bdbc0f53830509b5757 360a09cc415860978fba109e68732d37d01d26c9d512937f6d57ad89af74a47c Loading...

	capaciousdrewreligion.com/advertisers.js	0 B	2023-03-07	2024-05-04
Pretty URL capaciousdrewreligion.com/advertisers.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 21:12:01 Times Seen37346451 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz	85 kB	2024-04-25	2024-04-25
Pretty URL contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:13 Times Seen2 Hash 63eeb0de5077f75a9babf6cc8a952192 2e2eefc0e11e6e89e5eaace7563c8a44bbe756bf 5a5c00b1be6967951621e82aba4efd189a0c6e9edb0222bca32ac6dbdc6cb387 Loading...

	contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js	31 kB	2024-04-25	2024-04-25
Pretty URL contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:13 Times Seen2 Hash f698262df33881167c7f180a75af32a5 b73cef677daf3d6c2b274d9fcfa474650c06e86b e253876fa54db8b72af518a06cbc97c9a401e58536a2efe897e819564df54701 Loading...

	unknown	3.3 kB	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:12 Times Seen1 Hash 3a5b020c6e8fc0da8bbc58bcad9c6feb 28c703820dd11dbe93b9dd378fd01ac4a047f476 cc61b0a944efb4e5f59e1898ecb68e90a4a4599d8374dd2f88b48bcdea70f787 Loading...

	anewgallondevious.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js	44 kB	2024-04-25	2024-04-25
Pretty URL anewgallondevious.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:13 Times Seen2 Hash f4eb3df4b99e19d714a374d965f85567 1ade0699a000a51adb613ad22481ac9c17a97507 7d3b6076f14b9a32674676e093059cb0249e7d7554ae23749b2aa3cb92b83151 Loading...

	unknown	3.3 kB	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:12 Times Seen1 Hash 838f9c89e4b6f9b8329f6c9dde952d66 7eae3ba3c24f922a30cde47d0073dfb7b6b226fd eb6d69b704ce7a2c7cdbd804f44e133df32add9c9e9182c94f6d53419d320c3d Loading...

	contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js	31 kB	2024-04-25	2024-04-25
Pretty URL contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:12 Last Seen2024-04-25 00:49:13 Times Seen2 Hash fb4796dee4354fe1c7177c8ec7252b0e 70e8600831830a1a2c972a6eceeb4fe3c053ed90 49635052c4ef950a715621146a180c269153dd6e6d05cceadd0af5bba2a7383e Loading...

	libgen.li/js/form-validation.js	686 B	2023-03-07	2024-05-03
Pretty URL libgen.li/js/form-validation.js IP 172.67.193.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:27 Last Seen2024-05-03 17:58:53 Times Seen194 Hash 0b7eb3e3f49c158dcc9f4787dc1eb2d5 f1426bab12a38e3c7be0924785b6808de919be15 ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34 Loading...

	pricklyachetongs.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js	44 kB	2024-04-25	2024-04-25
Pretty URL pricklyachetongs.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen2 Hash 7248785adcc723ed4c00dabae3b1286c 3751f038c56a243514b50af6b7350765d8028af3 48975e856a7f777814322d9c15be8a9aa57cba9a4c61f05c4432d90d7407898d Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-04
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-04 21:01:09 Times Seen265823 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	libgen.li/js/dark-mode-switch.js	2.9 kB	2023-03-07	2024-05-03
Pretty URL libgen.li/js/dark-mode-switch.js IP 172.67.193.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:27 Last Seen2024-05-03 17:58:53 Times Seen188 Hash 9ca505b605f0247bb2db2e8ba898ac2a 576412cb53709781f9be65f9b3b08d9d51494a75 2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js	63 kB	2023-03-07	2024-05-03
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-05-03 20:22:30 Times Seen1804 Hash f20fa8b102f205141295cdefd6ffe449 0c4e8445f6f0c9611dc1c13dc6f085eb4bcaca0b d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88 Loading...

	jumpedanxious.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js	44 kB	2024-04-25	2024-04-25
Pretty URL jumpedanxious.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen2 Hash 3abbdb8ca4996811fb3c171af20ea22a 3493fb3c2f962017e528227296646403f935adef fd89fce4895e1d6473a666d94eca3c4f9c3cc96011cbccff238177d71119e5f4 Loading...

	unknown	3.3 kB	2024-04-25	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen1 Hash 1399a53ad982d3f0b56d0ccc5ffcf175 06dc6df8326b0297c88063a0ba73f29c4b23c050 f3ba6a86d6819ad78c96925e5f6e37da41d1de40c7e3c07707b02ec6d55e8bb1 Loading...

	contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js	31 kB	2024-04-25	2024-04-25
Pretty URL contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen2 Hash dcd42c119ad3f3d1d459923775e9acee 6c301a2abea152bb54c84ef0848be49a60bd86c5 0be79f2d26d14867216a8430a7f1ca1b60552d902908b5633cca9d99081e205e Loading...

	libgen.li/js/popper.min.js	19 kB	2023-03-07	2024-05-04
Pretty URL libgen.li/js/popper.min.js IP 172.67.193.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:27 Last Seen2024-05-04 01:36:49 Times Seen378 Hash c2457ff14b8092f06f6d6610b202ec7f 6465bce461e777d6871c2d8dead3f6cfbbfab664 c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591 Loading...

	archedmagnifylegislation.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js	44 kB	2024-04-25	2024-04-25
Pretty URL archedmagnifylegislation.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen2 Hash 066a29125be3e6baffed668eecbb4d52 f59bc6969435611ed9e34e66c82ff71f9642f5a7 79a4a95a7ae104e69088d000ce5d987e4194b7eecccd99962e730bd165b7c98f Loading...

	libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8	104 B	2023-03-07	2024-05-03
Pretty URL libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8 IP 172.67.193.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:27 Last Seen2024-05-03 17:58:53 Times Seen154 Hash def44b42463054e6a3ca51c280766b6e e1524e0ecc5f06477961900160e1dbbacfc660c6 d37f576c2402a765c4c20adfb2f120d139506ff6526cff2dea6cb7da5f611c5c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 64fbdedaccb6df7b96871d93ee1e7715	2.1 kB	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen1 Hash 64fbdedaccb6df7b96871d93ee1e7715 4fc6f049411a283d989c94e24dec320481f9bdc5 66c02ce67dbe4cfd8cb4abe318680a78f98005d0a154d8c3266895a9ef537c14 Loading...

	#2 Eval - 3c1245e5d62703212ce321a15cfef78b	2.1 kB	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen1 Hash 3c1245e5d62703212ce321a15cfef78b 98c66eed43d40486ebcae27e9d29f0aacd40990c 333e9e0e3a5d51d6b26962bde53a495598b0a0a3ab30766a86154fa9cea4276f Loading...

	#3 Eval - 14fd89958fafb5d268f98748005ea352	2.1 kB	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen1 Hash 14fd89958fafb5d268f98748005ea352 5094c19e78b296346c1426101225163f364d11e8 6112d8a8e13811a3e2304fbba413c12fdae7ee79f4bf4698d8557e1416586e0e Loading...

	#4 Eval - 55af48a1ab9e0ed98e960926e4e739e9	2.1 kB	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 00:49:13 Last Seen2024-04-25 00:49:13 Times Seen1 Hash 55af48a1ab9e0ed98e960926e4e739e9 e0b9d0f896c8e712ee019ba952adfe8e85e41729 b00a01450e7922e59ccf4d1146841025f052ab944a2e13d299ae9d0897d38646 Loading...

		Size	First Seen	Last Seen
	#1 Write - 10fc927dee33450b089e48e6f1dbe432	111 B	2024-04-25	2024-05-03
Pretty Observations First Seen2024-04-25 00:49:13 Last Seen2024-05-03 17:58:53 Times Seen3 Hash 10fc927dee33450b089e48e6f1dbe432 5642e02e9f006c40d90a4bbc8654c13ca65a0bff 79e8c5b0e5ed8efb00bf11a3da1fe9d8f6b057738e5cdbfa59ab2fc7e181c837 Loading...

HTTP Transactions (43)

URL IP Response Size

libgen.li/img/logo.png

172.67.193.122

200 OK

2.0 kB

URL GET HTTP/3
libgen.li/img/logo.png
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
PNG image data, 64 x 90, 8-bit colormap, non-interlaced
Size
2.0 kB (1976 bytes)
Hash
1d7aaa9da9adc174db1fb4c6a69d7bfb
b5acc94460f3609334599b914bede8beb085b669
4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: image/png
content-length: 1976
last-modified: Sat, 30 May 2020 06:17:58 GMT
etag: "5ed1fa96-7b8"
expires: Thu, 25 Apr 2024 07:08:40 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 574797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8kWRH1FnBZPYCPwL2kZoWPujVK1JNQvKhzgIQVaAwLECaZJZF9mlOa%2FPfE1AI3E1Wqlk2cuzod0mHQjZtZidqwubKR2cFTqFnbofUR%2FqQwRkeURCknaXXvoF1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a4548e85b505-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-3.6.0.min.js

151.101.194.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:48:37 GMT
age: 6456537
x-served-by: cache-lga21931-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 1466141
x-timer: S1713998918.891611,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65326)
Size
26 kB (26099 bytes)
Hash
023b3876bb73aa541367fc40a193d2b7
8ed2d6350d23f857d92805737d0f97c675de666b
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:48:37 GMT
age: 21836196
x-served-by: cache-fra-etou8220099-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

151.101.193.229

200 OK

16 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (62961)
Size
16 kB (16162 bytes)
Hash
f20fa8b102f205141295cdefd6ffe449
0c4e8445f6f0c9611dc1c13dc6f085eb4bcaca0b
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:48:37 GMT
age: 18304809
x-served-by: cache-fra-etou8220064-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

23 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
23 kB (23383 bytes)
Hash
7f389f5d2622ce2090eca7c36bcb90bc
ab27031159724e2421f6ff5c70f48e657abe9d39
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: br
accept-ranges: bytes
date: Wed, 24 Apr 2024 22:48:37 GMT
age: 18830965
x-served-by: cache-fra-etou8220114-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23383
X-Firefox-Spdy: h2

libgen.li/fictioncovers/3914000/e7b8c3cf30872c4fb4b7ace0fc7634d8.jpg

172.67.193.122

200 OK

23 kB

URL GET HTTP/3
libgen.li/fictioncovers/3914000/e7b8c3cf30872c4fb4b7ace0fc7634d8.jpg
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 343x500, components 3
Size
23 kB (23270 bytes)
Hash
d506d55f91d803611eb8edf04d28ff6b
596038a70b4ab82cb5944255fa79be74dc7e2669
d59e32e292db6e8926319aef3cc5d83c9a577ffa5ad7399ec760381180796200

HTTP Headers

GET /fictioncovers/3914000/e7b8c3cf30872c4fb4b7ace0fc7634d8.jpg HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:38 GMT
content-type: image/jpeg
content-length: 23270
last-modified: Sun, 12 Mar 2023 03:06:07 GMT
etag: "1000000b80d4f-5ae6-5f6ab4696e077"
expires: Wed, 01 May 2024 22:48:38 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3YfLjcnHjaTSBljiuJQO9wdVajvwCUQXcL4cjTCwbsPn2Nz11%2BmBrJb0agQG2a1wIP00qnL%2F0mt0He7DQtgZc4X2IbntfRKz9D2%2FT2dWcNjQdCTEyAGR8rvUDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a4548e87b505-OSL
alt-svc: h3=":443"; ma=86400

libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.193.122

200 OK

1.2 kB

URL GET HTTP/3
libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
gzip compressed data, from Unix
Size
1.2 kB (1158 bytes)
Hash
8051386057b5ea33936311d2d13dd643
d226aa8dddad4c6a9a99b940f502a07939df1541
476484a741dadc28c3ba5cb52c321d5deb8f120202f1d0fdcf732155250fe290

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kyNEwgylTFD1WBUHitj4Lrcdxaalu5yrb%2Fej0hnWzvTu8j9F1WkIVs2QF4GMKVOWG4TGzAgoU%2BIz81ylMDMH5eyBNmX0QwmCY0goOe%2B5Ni1ADwy3SdsjbcLFejk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a4548e8ab505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 26 Apr 2024 22:48:37 GMT
cache-control: max-age=172800, public
content-encoding: gzip

libgen.li/css/dark-mode.css

172.67.193.122

200 OK

6.2 kB

URL GET HTTP/3
libgen.li/css/dark-mode.css
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
ASCII text
Size
6.2 kB (6206 bytes)
Hash
fd50c27b724f5f42571e433940422194
3ce23b8b712823b3a3cc6d26fd51fbb99dba6b9e
0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439

HTTP Headers

GET /css/dark-mode.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: text/css
last-modified: Thu, 29 Apr 2021 06:48:36 GMT
vary: Accept-Encoding
etag: W/"608a56c4-126"
expires: Tue, 30 Apr 2024 14:53:27 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 114910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yG2eopTqscWK%2Byxj7I4I3fcsXOQiMqGKbEuwLBQQg1ryCaQWrCYzudAWAKnmPClFfRVlye17SfTCEVzysdMe1%2FmnKuM1QMNmRU4bygW2hAThQMw61smwBWj0pUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a4547e83b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

libgen.li/js/dark-mode-switch.js

172.67.193.122

200 OK

11 kB

URL GET HTTP/3
libgen.li/js/dark-mode-switch.js
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
ASCII text
Size
11 kB (10589 bytes)
Hash
9ca505b605f0247bb2db2e8ba898ac2a
576412cb53709781f9be65f9b3b08d9d51494a75
2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b

HTTP Headers

GET /js/dark-mode-switch.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: application/javascript
last-modified: Sat, 22 May 2021 16:34:13 GMT
etag: W/"60a93285-b75"
expires: Tue, 30 Apr 2024 14:53:27 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 114910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IFDcg3cfM5xbq%2FLa9bpBDuxUVahlX8B504JfVVwQ9%2FurlPgggiMYr%2Fbu7Gq2rwh4oJPcLWn63xGTMkl6XB0ti1P6PXpL%2BoQvvEvQUUNPN5CDMYMsm3E1W14D1EE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a4548e86b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz

172.240.127.234

200 OK

31 kB

URL GET HTTP/1.1
contrarymeeting.com/api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcontrarymeeting.com
FingerprintB1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9
ValidityTue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31348 bytes)
Hash
63eeb0de5077f75a9babf6cc8a952192
2e2eefc0e11e6e89e5eaace7563c8a44bbe756bf
5a5c00b1be6967951621e82aba4efd189a0c6e9edb0222bca32ac6dbdc6cb387

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/posts?token=L2Q1LzNlLzI3L2Q1M2UyNzI4YTZkZTFiNmQ1OWU2MGY1ODMzZmE5YzNmLmpz HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e2780db7a271dd5a7e7464e730445487
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

35.158.46.84

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.158.46.84:443
ASN
#16509 AMAZON-02

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
904c6f7cc6f19e2e31e7f7d6c39d7506
ba565fad4d5610f3aeeac07cc796a027592b6188
0e615ad4c67a855551c090defa1a975f0239ba679357166b83dc0ae83230aae9

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:48:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://libgen.li
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=0ebff073-a41a-4349-9aa0-851ac3211d39:1:1; expires=Sat, 22 Apr 2034 22:48:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js

172.240.127.234

200 OK

12 kB

URL GET HTTP/1.1
contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcontrarymeeting.com
FingerprintB1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9
ValidityTue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (31361), with no line terminators
Size
12 kB (11888 bytes)
Hash
fb4796dee4354fe1c7177c8ec7252b0e
70e8600831830a1a2c972a6eceeb4fe3c053ed90
49635052c4ef950a715621146a180c269153dd6e6d05cceadd0af5bba2a7383e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3e9cc97b8a2a4689d93a562a175d25a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js

172.240.127.234

200 OK

12 kB

URL GET HTTP/1.1
contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcontrarymeeting.com
FingerprintB1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9
ValidityTue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (31352), with no line terminators
Size
12 kB (11885 bytes)
Hash
f698262df33881167c7f180a75af32a5
b73cef677daf3d6c2b274d9fcfa474650c06e86b
e253876fa54db8b72af518a06cbc97c9a401e58536a2efe897e819564df54701

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f19cc51ded60217bcc8df58120f97df
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js

172.240.127.234

200 OK

12 kB

URL GET HTTP/1.1
contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcontrarymeeting.com
FingerprintB1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9
ValidityTue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (31361), with no line terminators
Size
12 kB (11886 bytes)
Hash
dcd42c119ad3f3d1d459923775e9acee
6c301a2abea152bb54c84ef0848be49a60bd86c5
0be79f2d26d14867216a8430a7f1ca1b60552d902908b5633cca9d99081e205e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3977d2618da18ac95b5db15134baf5f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

28 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27964 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:48:38 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e0c6daef2e84e28748c98d8bb3adfb18
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 0
last-modified: Wed, 24 Apr 2024 22:48:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGrzbYJMkiua77uaRpIKEHA8KbEMt6MZglO0rOY5vlnMhcNdU3DVuXXpXs7YEjfCdWQ5BrO3tNGMqBdQQG5Q9%2B%2FRAa2DvogTNFkgz3wO9zI6SYt93rW8iOco%2Fn3Bnyhpxx3g8H6CVW%2FgOPJrlJJ95Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a459ff7056c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js

172.240.127.234

200 OK

12 kB

URL GET HTTP/1.1
contrarymeeting.com/e445fc5fceeb52489a652f9894c20087/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcontrarymeeting.com
FingerprintB1:99:91:6E:06:0B:5A:A2:A3:5E:80:5B:3F:3B:A5:FD:2B:A5:5E:A9
ValidityTue, 26 Mar 2024 20:35:05 GMT - Mon, 24 Jun 2024 20:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (31385), with no line terminators
Size
12 kB (11892 bytes)
Hash
9d37972eba4b1e187a1da0e72591dd5f
7279d67deab0c7b9041281642f185bed43bca1a0
c133507ae87744ee82464ea3e9cc644021d934ca8c4d24745a3ba4ed3899dd45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /e445fc5fceeb52489a652f9894c20087/invoke.js HTTP/1.1
Host: contrarymeeting.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45beac351fe09b110cfa5f32dd9ad269
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

anewgallondevious.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
anewgallondevious.com/04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectanewgallondevious.com
Fingerprint7A:F3:47:B8:AE:DE:FA:D0:5A:7C:D5:1E:1E:8A:35:1C:5B:93:EF:A3
ValidityWed, 24 Apr 2024 14:55:41 GMT - Tue, 23 Jul 2024 14:55:40 GMT

File type
JavaScript source, ASCII text, with very long lines (44051), with no line terminators
Size
16 kB (15819 bytes)
Hash
f4eb3df4b99e19d714a374d965f85567
1ade0699a000a51adb613ad22481ac9c17a97507
7d3b6076f14b9a32674676e093059cb0249e7d7554ae23749b2aa3cb92b83151

HTTP Headers

GET /04/2f/f9/042ff9b9b59bdc32b7a84fec6430fe85.js HTTP/1.1
Host: anewgallondevious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58fe67995141a3beb858ae63decfaa67
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

thoroughlypantry.com/watch.1370487066295.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.59.13

307 Temporary Redirect

0 B

URL GET HTTP/1.1
thoroughlypantry.com/watch.1370487066295.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectthoroughlypantry.com
Fingerprint85:D3:46:2C:75:47:32:76:C2:77:C2:86:3D:E0:4F:CF:21:17:76:3B
ValidityWed, 24 Apr 2024 15:12:43 GMT - Tue, 23 Jul 2024 15:12:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1370487066295.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: thoroughlypantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://thoroughlypantry.com/watch.1370487066295.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5036c3a3fce49ac4daf7eb0b829691e9d6607c4fd8f214ea959ff04af09db62a55dc5e873c3dbd78c8a39ab5b6443cbc4c1fcfe0a1622897ec1d00d5277e990b65405deeaefc48e65bf86dd8fb6533d06fb6106c8526dbf6336622a4854e0d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
Set-Cookie: u_pl=17566676; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM; expires=Wed, 24 Apr 2024 22:49:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6792f28b0f5a7b0350d2a048388a9e53
Strict-Transport-Security: max-age=0; includeSubdomains

thoroughlypantry.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js

192.243.59.13

200 OK

16 kB

URL GET HTTP/1.1
thoroughlypantry.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectthoroughlypantry.com
Fingerprint85:D3:46:2C:75:47:32:76:C2:77:C2:86:3D:E0:4F:CF:21:17:76:3B
ValidityWed, 24 Apr 2024 15:12:43 GMT - Tue, 23 Jul 2024 15:12:42 GMT

File type
JavaScript source, ASCII text, with very long lines (44063), with no line terminators
Size
16 kB (15832 bytes)
Hash
ed128af3119016c2ea1bc741c515eb63
d02f4d3f96e69bb482f45180d053201be0cbde64
6bdcb9e72c9885104c39594e85b611d743aa3312486b5abb0566eccb4d952da7

HTTP Headers

GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: thoroughlypantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09412f83e0cd5c90b1fd9fcb77f14675
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

thoroughlypantry.com/watch.1370487066295.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5036c3a3fce49ac4daf7eb0b829691e9d6607c4fd8f214ea959ff04af09db62a55dc5e873c3dbd78c8a39ab5b6443cbc4c1fcfe0a1622897ec1d00d5277e990b65405deeaefc48e65bf86dd8fb6533d06fb6106c8526dbf6336622a4854e0d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.59.13

200 OK

2.0 kB

URL GET HTTP/1.1
thoroughlypantry.com/watch.1370487066295.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5036c3a3fce49ac4daf7eb0b829691e9d6607c4fd8f214ea959ff04af09db62a55dc5e873c3dbd78c8a39ab5b6443cbc4c1fcfe0a1622897ec1d00d5277e990b65405deeaefc48e65bf86dd8fb6533d06fb6106c8526dbf6336622a4854e0d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectthoroughlypantry.com
Fingerprint85:D3:46:2C:75:47:32:76:C2:77:C2:86:3D:E0:4F:CF:21:17:76:3B
ValidityWed, 24 Apr 2024 15:12:43 GMT - Tue, 23 Jul 2024 15:12:42 GMT

File type
JavaScript source, ASCII text, with very long lines (2466)
Size
2.0 kB (2019 bytes)
Hash
42288eb14877005dc8331dedc49c2a99
851dd3d475c217adf7e45176ceb5e923b546baca
a2d710b680d7218c7d73638ed46f068c50ea4972f6910d497e56b8804613554d

HTTP Headers

GET /watch.1370487066295.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5036c3a3fce49ac4daf7eb0b829691e9d6607c4fd8f214ea959ff04af09db62a55dc5e873c3dbd78c8a39ab5b6443cbc4c1fcfe0a1622897ec1d00d5277e990b65405deeaefc48e65bf86dd8fb6533d06fb6106c8526dbf6336622a4854e0d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: thoroughlypantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0ebff073-a41a-4349-9aa0-851ac3211d39:1:1; expires=Wed, 01 May 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e2d1ad8b9b69c9042ee37609a6f9fc9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pricklyachetongs.com/watch.1234645894016.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.61.227

307 Temporary Redirect

0 B

URL GET HTTP/1.1
pricklyachetongs.com/watch.1234645894016.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectpricklyachetongs.com
Fingerprint28:8F:D9:41:86:EE:76:7F:5C:B0:C5:34:CD:F8:6E:D5:59:77:1C:98
ValidityWed, 24 Apr 2024 15:15:09 GMT - Tue, 23 Jul 2024 15:15:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1234645894016.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: pricklyachetongs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://pricklyachetongs.com/watch.1234645894016.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5940565d409707b983db1e4da80961f07cf8b7458addb37d438f14af173b1214b053a7c4f700615ac2bd933095e88f47624080fa997a4e333726ac2f1b19f51e9021bc9fbe3007f1692cf6e49851f42b59e8d7029a5f947ad267d3554de414&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
Set-Cookie: u_pl=17566676; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM; expires=Wed, 24 Apr 2024 22:49:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 45ec21f7556260b9f8fbc2e76e1602ab
Strict-Transport-Security: max-age=0; includeSubdomains

jumpedanxious.com/watch.76117196832.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.59.13

307 Temporary Redirect

0 B

URL GET HTTP/1.1
jumpedanxious.com/watch.76117196832.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectjumpedanxious.com
Fingerprint11:0C:D6:84:95:BB:1E:9C:2D:47:45:E1:9F:5B:7B:AB:FA:F9:21:00
ValidityWed, 24 Apr 2024 15:00:10 GMT - Tue, 23 Jul 2024 15:00:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.76117196832.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: jumpedanxious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://jumpedanxious.com/watch.76117196832.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=43f6bdd22228285d4bd57c70c84c8f4e2a17bbb95ce47bf47ef85e32f175ec3068e5b9de043ee0ab662bf8dd464aae097cfcfd06dfb0bfab5fef6cb4a4f2561d0d7d97ae2051784446cd213990d14e8f5cd4d38f42ef5f5b60af9adc6740d2&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
Set-Cookie: u_pl=17566676; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM; expires=Wed, 24 Apr 2024 22:49:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bcdfd4c640b5ca916fdec568423eed01
Strict-Transport-Security: max-age=0; includeSubdomains

pricklyachetongs.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js

192.243.61.227

200 OK

16 kB

URL GET HTTP/1.1
pricklyachetongs.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectpricklyachetongs.com
Fingerprint28:8F:D9:41:86:EE:76:7F:5C:B0:C5:34:CD:F8:6E:D5:59:77:1C:98
ValidityWed, 24 Apr 2024 15:15:09 GMT - Tue, 23 Jul 2024 15:15:08 GMT

File type
JavaScript source, ASCII text, with very long lines (44043), with no line terminators
Size
16 kB (15827 bytes)
Hash
7248785adcc723ed4c00dabae3b1286c
3751f038c56a243514b50af6b7350765d8028af3
48975e856a7f777814322d9c15be8a9aa57cba9a4c61f05c4432d90d7407898d

HTTP Headers

GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: pricklyachetongs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2445e48452be63798cf9b9b1d5dcd021
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

archedmagnifylegislation.com/watch.695070196721.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.61.227

307 Temporary Redirect

0 B

URL GET HTTP/1.1
archedmagnifylegislation.com/watch.695070196721.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectarchedmagnifylegislation.com
Fingerprint68:00:6F:9F:1A:F7:1F:61:5E:30:B2:94:BB:29:71:9D:FB:29:B8:FB
ValidityWed, 24 Apr 2024 15:06:09 GMT - Tue, 23 Jul 2024 15:06:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.695070196721.js?key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&tz=0&dev=e&res=14.2071&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: archedmagnifylegislation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://archedmagnifylegislation.com/watch.695070196721.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=780fa6807315230689c26d230ec616558c0ed1e2ad18e8ddaefea48a9fb68f2c62175041ee7493ada375720969d7496bff757adb4615bc6ea22e16433972be951fbd62711d3164bdc8639df4a28ef1f626799671c681bd7130576a4b01317d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
Set-Cookie: u_pl=17566676; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM; expires=Wed, 24 Apr 2024 22:49:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d02e491386fa49b23cfef82944ff0799
Strict-Transport-Security: max-age=0; includeSubdomains

pricklyachetongs.com/watch.1234645894016.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5940565d409707b983db1e4da80961f07cf8b7458addb37d438f14af173b1214b053a7c4f700615ac2bd933095e88f47624080fa997a4e333726ac2f1b19f51e9021bc9fbe3007f1692cf6e49851f42b59e8d7029a5f947ad267d3554de414&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.61.227

200 OK

2.0 kB

URL GET HTTP/1.1
pricklyachetongs.com/watch.1234645894016.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5940565d409707b983db1e4da80961f07cf8b7458addb37d438f14af173b1214b053a7c4f700615ac2bd933095e88f47624080fa997a4e333726ac2f1b19f51e9021bc9fbe3007f1692cf6e49851f42b59e8d7029a5f947ad267d3554de414&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectpricklyachetongs.com
Fingerprint28:8F:D9:41:86:EE:76:7F:5C:B0:C5:34:CD:F8:6E:D5:59:77:1C:98
ValidityWed, 24 Apr 2024 15:15:09 GMT - Tue, 23 Jul 2024 15:15:08 GMT

File type
JavaScript source, ASCII text, with very long lines (2476)
Size
2.0 kB (2009 bytes)
Hash
03afccd6d10e3321cb1b3b12857a56dd
e09de4d1bd56eeb8851fa87cf057902584297f1f
e97fa2f856e529a03e213459e6ae92afe105530a8e33130850fa3228625c8b93

HTTP Headers

GET /watch.1234645894016.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=5940565d409707b983db1e4da80961f07cf8b7458addb37d438f14af173b1214b053a7c4f700615ac2bd933095e88f47624080fa997a4e333726ac2f1b19f51e9021bc9fbe3007f1692cf6e49851f42b59e8d7029a5f947ad267d3554de414&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: pricklyachetongs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0ebff073-a41a-4349-9aa0-851ac3211d39:1:1; expires=Wed, 01 May 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a53fd7e7ea354acf2aeed3414bc39a8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

jumpedanxious.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js

192.243.59.13

200 OK

16 kB

URL GET HTTP/1.1
jumpedanxious.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectjumpedanxious.com
Fingerprint11:0C:D6:84:95:BB:1E:9C:2D:47:45:E1:9F:5B:7B:AB:FA:F9:21:00
ValidityWed, 24 Apr 2024 15:00:10 GMT - Tue, 23 Jul 2024 15:00:09 GMT

File type
JavaScript source, ASCII text, with very long lines (44088), with no line terminators
Size
16 kB (15836 bytes)
Hash
3abbdb8ca4996811fb3c171af20ea22a
3493fb3c2f962017e528227296646403f935adef
fd89fce4895e1d6473a666d94eca3c4f9c3cc96011cbccff238177d71119e5f4

HTTP Headers

GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: jumpedanxious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8476c4a7eae9316c5d07f2188fca74f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

archedmagnifylegislation.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js

192.243.61.227

200 OK

16 kB

URL GET HTTP/1.1
archedmagnifylegislation.com/58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectarchedmagnifylegislation.com
Fingerprint68:00:6F:9F:1A:F7:1F:61:5E:30:B2:94:BB:29:71:9D:FB:29:B8:FB
ValidityWed, 24 Apr 2024 15:06:09 GMT - Tue, 23 Jul 2024 15:06:08 GMT

File type
JavaScript source, ASCII text, with very long lines (44048), with no line terminators
Size
16 kB (15826 bytes)
Hash
066a29125be3e6baffed668eecbb4d52
f59bc6969435611ed9e34e66c82ff71f9642f5a7
79a4a95a7ae104e69088d000ce5d987e4194b7eecccd99962e730bd165b7c98f

HTTP Headers

GET /58/e1/af/58e1af4b27929897d98a7f2ac70aed9f.js HTTP/1.1
Host: archedmagnifylegislation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a8d41b9e7117533b6278fc2111970e1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/bd/f1/03/bdf10332bf86a6103b47ec75eceebd73/1708270698.jpg

45.133.44.9

200 OK

83 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/bd/f1/03/bdf10332bf86a6103b47ec75eceebd73/1708270698.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 15:12:43], progressive, precision 8, 728x90, components 3
Size
83 kB (82939 bytes)
Hash
7d58d61d22f030eeb233d77f7699693f
739efe509f7d2e41328173dce54076a0aaab9fa9
0c7499eedf96cd39ff7695da2ceca3e4cdd0a189874f063477475c8a157078b8

HTTP Headers

GET /cti/bd/f1/03/bdf10332bf86a6103b47ec75eceebd73/1708270698.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:48:39 GMT
content-type: image/jpeg
content-length: 82939
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:38:26 GMT
etag: "65d22472-143fb"
expires: Fri, 26 Apr 2024 22:48:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png

45.133.44.9

200 OK

52 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced
Size
52 kB (51699 bytes)
Hash
6f9c8f0a811fe6684703e7e8321071d7
08c5ba25136cb05a143795418627b3984625266e
38ac3942fbb44a32b90f8c8627411050c83ec492a678dc73f56e1866b75bce89

HTTP Headers

GET /cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:48:39 GMT
content-type: image/png
content-length: 51699
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:23:57 GMT
etag: "65c9d59d-c9f3"
expires: Fri, 26 Apr 2024 22:48:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

jumpedanxious.com/watch.76117196832.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=43f6bdd22228285d4bd57c70c84c8f4e2a17bbb95ce47bf47ef85e32f175ec3068e5b9de043ee0ab662bf8dd464aae097cfcfd06dfb0bfab5fef6cb4a4f2561d0d7d97ae2051784446cd213990d14e8f5cd4d38f42ef5f5b60af9adc6740d2&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.59.13

200 OK

2.0 kB

URL GET HTTP/1.1
jumpedanxious.com/watch.76117196832.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=43f6bdd22228285d4bd57c70c84c8f4e2a17bbb95ce47bf47ef85e32f175ec3068e5b9de043ee0ab662bf8dd464aae097cfcfd06dfb0bfab5fef6cb4a4f2561d0d7d97ae2051784446cd213990d14e8f5cd4d38f42ef5f5b60af9adc6740d2&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectjumpedanxious.com
Fingerprint11:0C:D6:84:95:BB:1E:9C:2D:47:45:E1:9F:5B:7B:AB:FA:F9:21:00
ValidityWed, 24 Apr 2024 15:00:10 GMT - Tue, 23 Jul 2024 15:00:09 GMT

File type
JavaScript source, ASCII text, with very long lines (2459)
Size
2.0 kB (1996 bytes)
Hash
7b1e0d307ef768ece71044b925122948
d8c9b5bf37eb53edb835cdab837539b652cc6297
32c7d4d3278514ec4b4dd4a440c77d554037c03566e45455ff016917df5f4580

HTTP Headers

GET /watch.76117196832.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=43f6bdd22228285d4bd57c70c84c8f4e2a17bbb95ce47bf47ef85e32f175ec3068e5b9de043ee0ab662bf8dd464aae097cfcfd06dfb0bfab5fef6cb4a4f2561d0d7d97ae2051784446cd213990d14e8f5cd4d38f42ef5f5b60af9adc6740d2&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: jumpedanxious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0ebff073-a41a-4349-9aa0-851ac3211d39:1:1; expires=Wed, 01 May 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5d8bc0d279095de22601eaacd26c1202
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

28 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27461 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:39 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e0c6daef2e84e28748c98d8bb3adfb18
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 1
last-modified: Wed, 24 Apr 2024 22:48:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sTmfUn2xxqlKD8qDDerplSFC%2BQEap2xm2AWO5YaojJ0p8oWOiqd7cuQmrAjLW07QpEN7N8LWoZuG4Wjb1vWSRsPw5QSyOcx9Uhz0GIQ4otPXXNM0eMFxCkk6i6fiS0yswypdZJI1lHcS2P%2FFluAnZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a45d6e2c56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

archedmagnifylegislation.com/watch.695070196721.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=780fa6807315230689c26d230ec616558c0ed1e2ad18e8ddaefea48a9fb68f2c62175041ee7493ada375720969d7496bff757adb4615bc6ea22e16433972be951fbd62711d3164bdc8639df4a28ef1f626799671c681bd7130576a4b01317d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1

192.243.61.227

200 OK

2.0 kB

URL GET HTTP/1.1
archedmagnifylegislation.com/watch.695070196721.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=780fa6807315230689c26d230ec616558c0ed1e2ad18e8ddaefea48a9fb68f2c62175041ee7493ada375720969d7496bff757adb4615bc6ea22e16433972be951fbd62711d3164bdc8639df4a28ef1f626799671c681bd7130576a4b01317d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectarchedmagnifylegislation.com
Fingerprint68:00:6F:9F:1A:F7:1F:61:5E:30:B2:94:BB:29:71:9D:FB:29:B8:FB
ValidityWed, 24 Apr 2024 15:06:09 GMT - Tue, 23 Jul 2024 15:06:08 GMT

File type
JavaScript source, ASCII text, with very long lines (2472)
Size
2.0 kB (2003 bytes)
Hash
aba861c1989393135fd5af1e66962947
693307966f60b67acd6fc443352097d445c9586d
3564b60410b3516901d707a6c97a3796f1c9b93ae5ae5e4edfd4a73b02f59286

HTTP Headers

GET /watch.695070196721.js?dev=e&key=e445fc5fceeb52489a652f9894c20087&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1713998979&refer=https%3A%2F%2Flibgen.li%2Fads.php%3Fmd5%3De7b8c3cf30872c4fb4b7ace0fc7634d8&res=14.2071&rmtc=t&shu=780fa6807315230689c26d230ec616558c0ed1e2ad18e8ddaefea48a9fb68f2c62175041ee7493ada375720969d7496bff757adb4615bc6ea22e16433972be951fbd62711d3164bdc8639df4a28ef1f626799671c681bd7130576a4b01317d&tz=0&uuid=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1 HTTP/1.1
Host: archedmagnifylegislation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17566676; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NjY3NiwiayI6ImU0NDVmYzVmY2VlYjUyNDg5YTY1MmY5ODk0YzIwMDg3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTQ5NTI1LCJwaWQiOjUyMDQ2NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoiZGdxeTIzczMiLCJjcGtzIjp7IjI4IjoiMGUyMzE0M2ZlNTA1M2FhMGE3NzliYTI5OTNjMmE4ZTEiLCIyOSI6IjU4ZTFhZjRiMjc5Mjk4OTdkOThhN2YyYWM3MGFlZDlmIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpYmdlbi5saS9hZHMucGhwP21kNT1lN2I4YzNjZjMwODcyYzRmYjRiN2FjZTBmYzc2MzRkOCIsImFyIjpbXX19.hK6VKTTJf71f2lBrGh-z4suEzjutG5zZwWt-Wj8yvsM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0ebff073-a41a-4349-9aa0-851ac3211d39:1:1; expires=Wed, 01 May 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 25 Apr 2024 22:48:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee901343eaf2789ff654c9b71557e1aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png

45.133.44.9

200 OK

52 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced
Size
52 kB (51699 bytes)
Hash
6f9c8f0a811fe6684703e7e8321071d7
08c5ba25136cb05a143795418627b3984625266e
38ac3942fbb44a32b90f8c8627411050c83ec492a678dc73f56e1866b75bce89

HTTP Headers

GET /cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:48:39 GMT
content-type: image/png
content-length: 51699
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:23:57 GMT
etag: "65c9d59d-c9f3"
expires: Fri, 26 Apr 2024 22:48:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png

45.133.44.9

200 OK

56 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced
Size
56 kB (56505 bytes)
Hash
231d615f0b920b0f0c8758342141193b
ca68f0f6e4c9124bbe61c49d789d0447076b0332
3e24999c26c1c68485e879756ea30639ccee4d7f30f1e2c0e5190818cbab8996

HTTP Headers

GET /cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:48:39 GMT
content-type: image/png
content-length: 56505
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:14:41 GMT
etag: "61080be1-dcb9"
expires: Fri, 26 Apr 2024 22:48:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d53e2728a6de1b6d59e60f5833fa9c3f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d1a0e5d6056318b1dedecb91a952605
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=58e1af4b27929897d98a7f2ac70aed9f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5ad27cbbbbbcffb889327e00f2ef492
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=0ebff073-a41a-4349-9aa0-851ac3211d39&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=042ff9b9b59bdc32b7a84fec6430fe85&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ace124a46c5452a3290772cb9f9eedd
Strict-Transport-Security: max-age=0; includeSubdomains

capaciousdrewreligion.com/advertisers.js

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
ValidityWed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 22:48:39 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c250ec8c81ef87eda7e8671dfc8c39f5
Strict-Transport-Security: max-age=0; includeSubdomains

libgen.li/css/font.min.css

172.67.193.122

200 OK

9.7 kB

URL GET HTTP/3
libgen.li/css/font.min.css
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
ASCII text, with very long lines (10506), with no line terminators
Size
9.7 kB (9687 bytes)
Hash
9e2ef5e40b8f39925c1c66bc9d92f5e7
7c3f02611f7535813f99923ce89ba2b5bee52634
368673b259231ff90a35ee7131c51db777f36db5b39b2c0c4ce60423d0ca1687

HTTP Headers

GET /css/font.min.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: text/css
last-modified: Wed, 09 Jun 2021 18:13:05 GMT
vary: Accept-Encoding
etag: W/"60c104b1-25d7"
expires: Tue, 30 Apr 2024 14:53:27 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 114910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ai2%2BN2Xv9S%2FbMW2bz8MLRFRZBBGzw015LVbccZNi2iNp6rTGN3VSA828XBytTsKxV1zbBYIc60%2FHkQlcFOP8kUFwnN%2Bxlg3y41MkMCrKuCnlI0QYkAkr4mdrof4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a4547e82b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

libgen.li/img/favicon.ico

172.67.193.122

200 OK

2.2 kB

URL GET HTTP/3
libgen.li/img/favicon.ico
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel
Size
2.2 kB (2238 bytes)
Hash
1aae1c5c5b27e6d63ba2e0a8d596760e
2a8294e38dfc9474d869e05d2a9a42dcccfe3066
d3910a9bd312389bd76df879ad74c7c5f596b1056f1d86d537b6451738c61390

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0ebff073-a41a-4349-9aa0-851ac3211d39%3A1%3A1; pp_main_d53e2728a6de1b6d59e60f5833fa9c3f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:39 GMT
content-type: image/x-icon
last-modified: Mon, 13 May 2013 20:56:22 GMT
etag: W/"51915376-8be"
expires: Sun, 28 Apr 2024 11:39:24 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 299355
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETYQoH2bGyaKjyBogQMYR47VymYvr79rnU9tyJTDJGPMtK70pSoATT2mp7RGgFPsbUEgnqBNb4d8w5SZjbOOhVb1S0oaGIynes6Of%2FZ6mDC9PrIb3YPAJye6FSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a4619d04b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8

172.67.193.122

200 OK

20 kB

URL User Request GET HTTP/2
libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type

Size
20 kB (20439 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8 HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DE3hzxZuOTkNMtXjJYxbpTa4FY3uTH%2BowgY7Q%2BXlJQHu3QmaRJ2Ot4KjXB9OVBEgLtiLEcoI7sxhfSCAfRyrGcw5ePojtRCpzWPFW3XdCbm1VHyb66UM9nkw9%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a44fbd65b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

libgen.li/js/form-validation.js

172.67.193.122

200 OK

686 B

URL GET HTTP/3
libgen.li/js/form-validation.js
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
JavaScript source, ASCII text, with very long lines (707), with no line terminators
Size
686 B (686 bytes)
Hash
9b49fb891557236d80c4823d110ee45b
3cfdb12d1dc761ca69c01f5387795358b20ba6ff
3d4aa7a6338cdd568ef532bcb206dbaadd1c060cdf3873819b7f8fe242bf804c

HTTP Headers

GET /js/form-validation.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: application/javascript
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
etag: W/"5f859e98-2ae"
expires: Tue, 30 Apr 2024 14:58:57 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 114580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NlVSvhrGgZz0df0Gk03J%2F1N5yBzancRFDtdZzjtcwB%2BvA42axrdSEiOy2ZQygFUNHhDEfDhyDxg1ZGPA89m0KJdc44PEREIj0xDAzfH1uqbvJ2DzefqHIrLkgBU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a4548e8eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

libgen.li/js/popper.min.js

172.67.193.122

200 OK

19 kB

URL GET HTTP/3
libgen.li/js/popper.min.js
IP
172.67.193.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Certificate
IssuerGoogle Trust Services LLC
Subjectlibgen.li
Fingerprint06:24:55:C4:AE:3B:B5:C6:0A:90:28:66:BB:46:E7:6D:2C:0C:A3:F4
ValidityTue, 16 Apr 2024 21:18:07 GMT - Mon, 15 Jul 2024 21:18:06 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
19 kB (19150 bytes)
Hash
c2457ff14b8092f06f6d6610b202ec7f
6465bce461e777d6871c2d8dead3f6cfbbfab664
c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591

HTTP Headers

GET /js/popper.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/ads.php?md5=e7b8c3cf30872c4fb4b7ace0fc7634d8
Cookie: PHPSESSID=6ec0lm8cnpl3vr5mu3vmjjdrmb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:48:37 GMT
content-type: application/javascript
last-modified: Sun, 16 May 2021 04:13:40 GMT
etag: W/"60a09bf4-4ace"
expires: Tue, 30 Apr 2024 14:58:57 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 114580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAnzlmI8SPc9rCuj7pojJ7EiNAMiBm7%2FE6%2FrB8vS3LrNrgbtYBUtkIZrSMIGtu766Lx8Wl5sz%2B8PVlQHlzL0h0LOsMhyLvweBhupCwuG%2BQuVfD2XqkZf%2Fkdmg0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a4548e8bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by