Report - libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988

Report Overview

Visited public
2025-01-29 03:39:30
Tags
Submit Tags
URL
libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Finishing URL
libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
IP / ASN
193.218.118.42
#207656 Epinatura LLC
Title
Library Genesis

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
libgen.rs	165239	2020-08-27	2020-08-27	2024-12-15	2.4 kB	27 kB	193.218.118.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-29	medium	libgen.rs	Sinkholed
2025-01-29	medium	libgen.rs	Sinkholed
2025-01-29	medium	libgen.rs	Sinkholed
2025-01-29	medium	libgen.rs	Sinkholed
2025-01-29	medium	libgen.rs	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	libgen.rs/paginator3000.js	ScriptElement	12 kB	2023-03-10	2025-07-08
Pretty URL libgen.rs/paginator3000.js IP 193.218.118.42 ASN #207656 Epinatura LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:43 Last Seen2025-07-08 20:27 Times Seen24 Hash 2219f930b1c4f57532e0e816912705c0 961477ce64f98b765697d868f16d929334a73d31 fd97097f4c8a8636686956d117e8db6fcc2b94e8e04be11f96c2fa7e9d79da63 Loading...

HTTP Transactions (5)

URL IP Response Size

GET libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988

193.218.118.42

200 OK

993 B

URL User Request GET HTTP/1.1
libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
IP
193.218.118.42:443
ASN
#207656 Epinatura LLC

Certificate
IssuerLet's Encrypt
Subjectlibgen.rs
Fingerprint06:E3:CC:36:40:33:DB:96:CC:69:82:8F:1E:60:D8:06:47:B4:9A:02
ValidityWed, 15 Jan 2025 03:40:54 GMT - Tue, 15 Apr 2025 03:40:53 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
993 B (993 bytes)
Hash
f4cf3909c618a99b96fe0498e9431f6c
b60908c90e3ba9c7191260841f425ec71d31b506
92f092076a07a4e5bb1216366eba2311db1534ff2d5e8ee9b98dfea32f0776c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988 HTTP/1.1
Host: libgen.rs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Jan 2025 03:39:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET libgen.rs/menu.css

193.218.118.42

200 OK

9.1 kB

URL GET HTTP/1.1
libgen.rs/menu.css
IP
193.218.118.42:443
ASN
#207656 Epinatura LLC

Requested by
https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Certificate
IssuerLet's Encrypt
Subjectlibgen.rs
Fingerprint06:E3:CC:36:40:33:DB:96:CC:69:82:8F:1E:60:D8:06:47:B4:9A:02
ValidityWed, 15 Jan 2025 03:40:54 GMT - Tue, 15 Apr 2025 03:40:53 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
9.1 kB (9111 bytes)
Hash
5bfa319997f5673ce3ac3c98a7b95ff1
876318f249210f16e0fdd448c997d426319a1e31
861af4e09e91918052e003c28a74f9740e2f0462a3ad73665a2348d1a0a6dd99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /menu.css HTTP/1.1
Host: libgen.rs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Jan 2025 03:39:00 GMT
Content-Type: text/css
Content-Length: 9111
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:48:25 GMT
Vary: Accept-Encoding
ETag: "637d7be9-2397"
Accept-Ranges: bytes

GET libgen.rs/paginator3000.js

193.218.118.42

200 OK

12 kB

URL GET HTTP/1.1
libgen.rs/paginator3000.js
IP
193.218.118.42:443
ASN
#207656 Epinatura LLC

Requested by
https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Certificate
IssuerLet's Encrypt
Subjectlibgen.rs
Fingerprint06:E3:CC:36:40:33:DB:96:CC:69:82:8F:1E:60:D8:06:47:B4:9A:02
ValidityWed, 15 Jan 2025 03:40:54 GMT - Tue, 15 Apr 2025 03:40:53 GMT

File type
HTML document, ASCII text
Size
12 kB (12004 bytes)
Hash
2219f930b1c4f57532e0e816912705c0
961477ce64f98b765697d868f16d929334a73d31
fd97097f4c8a8636686956d117e8db6fcc2b94e8e04be11f96c2fa7e9d79da63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /paginator3000.js HTTP/1.1
Host: libgen.rs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Jan 2025 03:39:00 GMT
Content-Type: application/javascript
Content-Length: 12004
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:48:25 GMT
Vary: Accept-Encoding
ETag: "637d7be9-2ee4"
Accept-Ranges: bytes

GET libgen.rs/paginator3000.css

193.218.118.42

200 OK

1.8 kB

URL GET HTTP/1.1
libgen.rs/paginator3000.css
IP
193.218.118.42:443
ASN
#207656 Epinatura LLC

Requested by
https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Certificate
IssuerLet's Encrypt
Subjectlibgen.rs
Fingerprint06:E3:CC:36:40:33:DB:96:CC:69:82:8F:1E:60:D8:06:47:B4:9A:02
ValidityWed, 15 Jan 2025 03:40:54 GMT - Tue, 15 Apr 2025 03:40:53 GMT

File type
HTML document, ASCII text
Size
1.8 kB (1805 bytes)
Hash
b53651d82332262e29997d3dc523decd
6728c410fb681b05b59966bc78bc6902c851cd7d
516f6144fa746e04d0ecf92557dcf60b050a4f55b0a16a7aba2d4430cb147e14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /paginator3000.css HTTP/1.1
Host: libgen.rs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Jan 2025 03:39:00 GMT
Content-Type: text/css
Content-Length: 1805
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:48:25 GMT
Vary: Accept-Encoding
ETag: "637d7be9-70d"
Accept-Ranges: bytes

GET libgen.rs/favicon.ico

193.218.118.42

200 OK

2.2 kB

URL GET HTTP/1.1
libgen.rs/favicon.ico
IP
193.218.118.42:443
ASN
#207656 Epinatura LLC

Requested by
https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Certificate
IssuerLet's Encrypt
Subjectlibgen.rs
Fingerprint06:E3:CC:36:40:33:DB:96:CC:69:82:8F:1E:60:D8:06:47:B4:9A:02
ValidityWed, 15 Jan 2025 03:40:54 GMT - Tue, 15 Apr 2025 03:40:53 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel
Size
2.2 kB (2238 bytes)
Hash
1aae1c5c5b27e6d63ba2e0a8d596760e
2a8294e38dfc9474d869e05d2a9a42dcccfe3066
d3910a9bd312389bd76df879ad74c7c5f596b1056f1d86d537b6451738c61390

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: libgen.rs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.rs/book/bibtex.php?md5=42DC30C5938BA67EF2FF82F7A20E5988
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Jan 2025 03:39:01 GMT
Content-Type: image/x-icon
Content-Length: 2238
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:48:25 GMT
ETag: "637d7be9-8be"
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers