Report - liber3.eth.limo/

Report Overview

Visited public
2025-04-29 17:48:26
Tags
URL
liber3.eth.limo/
Finishing URL
liber3.eth.limo/
IP / ASN
3.135.72.151
#16509 AMAZON-02
Title
Liber3

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
lgate.glitternode.ru	unknown	2023-06-27	2024-01-14	2025-01-02	1.1 kB	27 kB	172.86.116.219
liber3.eth.limo	unknown	2021-06-08	2023-10-06	2025-01-02	1.8 kB	5.0 MB	3.140.119.203
gateway.glitternode.ru	unknown	2023-06-27	2023-07-05	2025-01-02	514 B	282 B	167.88.172.236

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	liber3.eth.limo/	ScriptElement	129 B	2025-04-29	2025-05-14
Pretty URL liber3.eth.limo/ IP 3.140.119.203 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-29 17:48 Last Seen2025-05-14 03:21 Times Seen8 Hash 1825b770c690118ea290f10113c5a2e6 02a10a6f97f6c56ee886e0b8c4535a8f579caa97 6d92ee636ef958a38dcc0844d5ae06cadcb97bd65cde0b5e41a940d2ca1551f9 Loading...

	liber3.eth.limo/	Eval	7 B	2023-03-07	2025-05-17
Pretty URL liber3.eth.limo/ IP 3.140.119.203 ASN #16509 AMAZON-02 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-17 02:06 Times Seen31854 Hash f0ffd3b7c2574ac324603ed00488c850 623e76c36aa2a886542011e28412cc761d7ceb01 c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154 Loading...

	liber3.eth.limo/	Eval	7 B	2023-03-07	2025-05-17
Pretty URL liber3.eth.limo/ IP 3.140.119.203 ASN #16509 AMAZON-02 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-17 02:06 Times Seen31854 Hash f0ffd3b7c2574ac324603ed00488c850 623e76c36aa2a886542011e28412cc761d7ceb01 c4d0cf241a1bfa1c8bf4cf24e8f89d2ab786a284a39adb2fc8df7ea14e73c154 Loading...

	liber3.eth.limo/main-es-57cbecc5.js	ScriptElement	1.0 kB	2025-04-29	2025-05-14
Pretty URL liber3.eth.limo/main-es-57cbecc5.js IP 3.140.119.203 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-29 17:48 Last Seen2025-05-14 03:21 Times Seen8 Hash 35e91a25655ca86dda0dea4a999d2606 ebe3c21cac0ecd65c408d18df8bee0c7f7cf922e 4da42e68d4a57b286ed082679e07431fe017d61eb49d65596182855d60911ba3 Loading...

HTTP Transactions (7)

	URL	IP	Response	Size
	lgate.glitternode.ru/v1/feed/list	172.86.116.219	200 OK	26 kB
URL POST lgate.glitternode.ru/v1/feed/list IP 172.86.116.219:443 ASN #14956 ROUTERHOSTING Requested by https://liber3.eth.limo/ Certificate IssuerLet's Encrypt Subjectlgate.glitternode.ru Fingerprint4E:42:28:00:73:4D:BD:69:CC:66:DD:C3:62:9E:0D:EB:8D:78:E8:F0 ValiditySat, 05 Apr 2025 05:08:20 GMT - Fri, 04 Jul 2025 05:08:19 GMT File type JSON text data Size 26 kB (26194 bytes) Hash 193d92dd6ca73fad30a82920493346d9 694362610f93229d3fd3469e34ca8632c89c4546 927a0d713e6d2a31b5c3d57a62bc86be3653c5c9c7ba840f7f6b06802a0e5758 HTTP Headers POST /v1/feed/list HTTP/1.1 Host: lgate.glitternode.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://liber3.eth.limo/ Content-Type: application/json Content-Length: 15 Origin: https://liber3.eth.limo DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Apr 2025 17:48:09 GMT content-type: application/json; charset=utf-8 access-control-allow-credentials: true access-control-allow-origin: https://liber3.eth.limo vary: Origin access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization X-Firefox-Spdy: h2`

	liber3.eth.limo/book-tag-5b7f8074.svg	3.140.119.203	200 OK	653 B
URL GET liber3.eth.limo/book-tag-5b7f8074.svg IP 3.140.119.203:443 ASN #16509 AMAZON-02 Requested by https://liber3.eth.limo/ Certificate IssuerLet's Encrypt Subject.eth.limo FingerprintE6:69:28:07:71:E0:36:48:A4:2C:41:D6:D3:BC:29:08:19:9A:11:49 ValiditySun, 13 Apr 2025 09:07:56 GMT - Sat, 12 Jul 2025 09:07:55 GMT File type SVG Scalable Vector Graphics image Size 653 B (653 bytes) Hash ad7e0dee0fbfbe7d8e7799851b85b871 a5d9bce257149a79940ef432096ffb304d8a720b 5b7f807452735e857cec6f0b0df1d8b56ab57353de1955a80b5e87703691f99e HTTP Headers `GET /book-tag-5b7f8074.svg HTTP/1.1 Host: liber3.eth.limo User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://liber3.eth.limo/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-credentials: false access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With access-control-allow-methods: GET, HEAD, OPTIONS, POST access-control-allow-origin: * access-control-expose-headers: Content-Length,Content-Range,X-Chunked-Output,X-Ipfs-Path,X-Ipfs-Roots,X-Stream-Output age: 56755 alt-svc: h3=":8443"; ma=2592000 cache-control: max-age=300, must-revalidate clear-site-data: "cookies" content-encoding: gzip content-security-policy: frame-ancestors 'self'; content-type: image/svg+xml cross-origin-resource-policy: cross-origin date: Tue, 29 Apr 2025 02:02:14 GMT etag: "QmbhtiZZ2HYASGJh3Qja1f4UUcVPRV5Ng7jwMKatMYz9vn-gzip" permissions-policy: interest-cohort=() referrer-policy: strict-origin-when-cross-origin server: eth.limo strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-ipfs-path: /ipfs/bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y/book-tag-5b7f8074.svg x-ipfs-roots: bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y,QmbhtiZZ2HYASGJh3Qja1f4UUcVPRV5Ng7jwMKatMYz9vn x-true-host: liber3.eth.limo x-xss-protection: 1; mode=block content-length: 432 X-Firefox-Spdy: h2

	liber3.eth.limo/	3.140.119.203	200 OK	24 kB
URL User Request GET liber3.eth.limo/ IP 3.140.119.203:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subject.eth.limo FingerprintE6:69:28:07:71:E0:36:48:A4:2C:41:D6:D3:BC:29:08:19:9A:11:49 ValiditySun, 13 Apr 2025 09:07:56 GMT - Sat, 12 Jul 2025 09:07:55 GMT File type HTML document, ASCII text, with very long lines (20595) Size 24 kB (24401 bytes) Hash c6602df11cbaeb04592b5bc88abb53c3 d47f50ef8b0d7a5b4cd81f2ea9d16f4caa74b30f 4cc370829da0b3b75005e3d516381f7cf40ed940a70fbfb0fcdcfad5182a903d HTTP Headers `GET / HTTP/1.1 Host: liber3.eth.limo User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-credentials: false access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With access-control-allow-methods: GET, HEAD, OPTIONS, POST access-control-allow-origin: access-control-expose-headers: Content-Length,Content-Range,X-Chunked-Output,X-Ipfs-Path,X-Ipfs-Roots,X-Stream-Output alt-svc: h3=":8443"; ma=2592000 cache-control: max-age=300, must-revalidate clear-site-data: "cookies" content-encoding: gzip content-security-policy: frame-ancestors 'self'; content-type: text/html cross-origin-resource-policy: cross-origin date: Tue, 29 Apr 2025 17:48:04 GMT etag: "bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y-gzip" permissions-policy: interest-cohort=() referrer-policy: strict-origin-when-cross-origin server: eth.limo strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-ipfs-path: /ipfs/bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y/ x-ipfs-roots: bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y x-true-host: liber3.eth.limo x-xss-protection: 1; mode=block content-length: 3184 X-Firefox-Spdy: h2

	liber3.eth.limo/main-es-57cbecc5.js	3.140.119.203	200 OK	3.7 MB
URL GET liber3.eth.limo/main-es-57cbecc5.js IP 3.140.119.203:443 ASN #16509 AMAZON-02 Requested by https://liber3.eth.limo/ Certificate IssuerLet's Encrypt Subject.eth.limo FingerprintE6:69:28:07:71:E0:36:48:A4:2C:41:D6:D3:BC:29:08:19:9A:11:49 ValiditySun, 13 Apr 2025 09:07:56 GMT - Sat, 12 Jul 2025 09:07:55 GMT File type JavaScript source, ASCII text, with very long lines (27886) Size 3.7 MB (3740660 bytes) Hash f85341598f985b492dce11fb4751121f c0231f7a4a60a9fddbd3c41427e09c2961d4e16d 96ea4f11f1d49c22dd65a9027aa672702e5eec88b53e28ee6ccf3f7ca12c87f5 HTTP Headers `GET /main-es-57cbecc5.js HTTP/1.1 Host: liber3.eth.limo User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://liber3.eth.limo/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-credentials: false access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With access-control-allow-methods: GET, HEAD, OPTIONS, POST access-control-allow-origin: * access-control-expose-headers: Content-Length,Content-Range,X-Chunked-Output,X-Ipfs-Path,X-Ipfs-Roots,X-Stream-Output age: 75551 alt-svc: h3=":8443"; ma=2592000 cache-control: max-age=300, must-revalidate clear-site-data: "cookies" content-encoding: gzip content-security-policy: frame-ancestors 'self'; content-type: text/javascript; charset=utf-8 cross-origin-resource-policy: cross-origin date: Mon, 28 Apr 2025 20:48:54 GMT etag: "QmdkabHgDMAs2RMLkmQn59yMrm4RrhCwTTwnorZ5oE8SNY-gzip" permissions-policy: interest-cohort=() referrer-policy: strict-origin-when-cross-origin server: eth.limo strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-ipfs-path: /ipfs/bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y/main-es-57cbecc5.js x-ipfs-roots: bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y,QmdkabHgDMAs2RMLkmQn59yMrm4RrhCwTTwnorZ5oE8SNY x-true-host: liber3.eth.limo x-xss-protection: 1; mode=block X-Firefox-Spdy: h2

	liber3.eth.limo/index-eb7c893e.css	3.140.119.203	200 OK	1.2 MB
URL GET liber3.eth.limo/index-eb7c893e.css IP 3.140.119.203:443 ASN #16509 AMAZON-02 Requested by https://liber3.eth.limo/ Certificate IssuerLet's Encrypt Subject.eth.limo FingerprintE6:69:28:07:71:E0:36:48:A4:2C:41:D6:D3:BC:29:08:19:9A:11:49 ValiditySun, 13 Apr 2025 09:07:56 GMT - Sat, 12 Jul 2025 09:07:55 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 1.2 MB (1206697 bytes) Hash 6b6bfc6517f22d4f7c1c5f95c98149c6 5ce2dd688ab1bb13b15e8544629eff92a8a01720 eb7c893e6b4d665173f332347c75d209a65a767b1bfaa80940f719f00431e8d8 HTTP Headers `GET /index-eb7c893e.css HTTP/1.1 Host: liber3.eth.limo User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://liber3.eth.limo/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK access-control-allow-credentials: false access-control-allow-headers: Content-Type,Range,User-Agent,X-Requested-With access-control-allow-methods: GET, HEAD, OPTIONS, POST access-control-allow-origin: access-control-expose-headers: Content-Length,Content-Range,X-Chunked-Output,X-Ipfs-Path,X-Ipfs-Roots,X-Stream-Output age: 76282 alt-svc: h3=":8443"; ma=2592000 cache-control: max-age=300, must-revalidate clear-site-data: "cookies" content-encoding: gzip content-security-policy: frame-ancestors 'self'; content-type: text/css; charset=utf-8 cross-origin-resource-policy: cross-origin date: Mon, 28 Apr 2025 20:36:43 GMT etag: "QmbxgaicJdGJgb5q4xvkYRhUB6PQMK7MvcnqdyxtyFXQsH-gzip" permissions-policy: interest-cohort=() referrer-policy: strict-origin-when-cross-origin server: eth.limo strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Accept-Encoding x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-ipfs-path: /ipfs/bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y/index-eb7c893e.css x-ipfs-roots: bafybeibmzhyyksuxchztmrgdyyzo7p22zdvs6dmhh62tgjkik6bnmlko5y,QmbxgaicJdGJgb5q4xvkYRhUB6PQMK7MvcnqdyxtyFXQsH x-true-host: liber3.eth.limo x-xss-protection: 1; mode=block X-Firefox-Spdy: h2

	gateway.glitternode.ru/tk.gif?p=home&a=init&u=2093ce7b-51e0-4b67-ad19-a1b8768df38f&pd=Liber3&ev=page_view	167.88.172.236	200 OK	43 B
URL GET gateway.glitternode.ru/tk.gif?p=home&a=init&u=2093ce7b-51e0-4b67-ad19-a1b8768df38f&pd=Liber3&ev=page_view IP 167.88.172.236:443 ASN #14956 ROUTERHOSTING Requested by https://liber3.eth.limo/ Certificate IssuerLet's Encrypt Subjectgateway.glitternode.ru Fingerprint86:FB:56:0C:93:28:11:C1:E2:7C:C9:B5:92:CB:A3:AB:77:12:E3:83 ValidityThu, 17 Apr 2025 16:06:09 GMT - Wed, 16 Jul 2025 16:06:08 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash 478c545eb313e1e3168d091c52b4f2db af3dba429489cdee5a27c1f77f6e3bf83640d909 d16c896fa705522b0bcf8f7e7f307791ad597ee77ad1ae2d5b99c71a2dbda8ef HTTP Headers `GET /tk.gif?p=home&a=init&u=2093ce7b-51e0-4b67-ad19-a1b8768df38f&pd=Liber3&ev=page_view HTTP/1.1 Host: gateway.glitternode.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://liber3.eth.limo/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Apr 2025 17:48:08 GMT content-type: image/gif content-length: 43 last-modified: Sun, 24 Sep 2023 13:55:37 GMT etag: "65103fd9-2b" accept-ranges: bytes X-Firefox-Spdy: h2`

	lgate.glitternode.ru/v1/feed/list	172.86.116.219	204 No Content	0 B
URL OPTIONS lgate.glitternode.ru/v1/feed/list IP 172.86.116.219:443 ASN #14956 ROUTERHOSTING Requested by https://liber3.eth.limo/ Certificate IssuerLet's Encrypt Subjectlgate.glitternode.ru Fingerprint4E:42:28:00:73:4D:BD:69:CC:66:DD:C3:62:9E:0D:EB:8D:78:E8:F0 ValiditySat, 05 Apr 2025 05:08:20 GMT - Fri, 04 Jul 2025 05:08:19 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /v1/feed/list HTTP/1.1 Host: lgate.glitternode.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://liber3.eth.limo/ Origin: https://liber3.eth.limo DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 204 No Content server: nginx/1.18.0 (Ubuntu) date: Tue, 29 Apr 2025 17:48:08 GMT access-control-allow-credentials: true access-control-allow-origin: https://liber3.eth.limo access-control-max-age: 43200 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS, GET, POST, OPTIONS access-control-allow-headers: Origin,Content-Length,Content-Type,Token_address,Authentication-Tokens, DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL POST

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by