Report - libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E

Report Overview

Visited public
2024-09-24 15:35:32
Tags
Submit Tags
URL
libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Finishing URL
libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
IP / ASN
172.67.193.122
#13335 CLOUDFLARENET
Title
Library Genesis

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
inscribemutenessforced.com	unknown	2024-08-19	2024-08-27 09:41:21	2024-09-10 13:18:23	2.2 kB	70 kB	172.240.127.234
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27 13:27:45	2024-09-24 01:45:13	408 B	375 B	185.196.197.72
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2024-09-24 14:08:23	1.4 kB	64 kB	104.18.187.31
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2024-09-24 14:13:55	427 B	32 kB	151.101.194.137
lookebonyhill.com	unknown	2024-08-12	2024-09-18 10:25:21	2024-09-24 07:51:41	3.0 kB	6.5 kB	172.240.108.68
obtaintrout.com	unknown	2024-08-12	2024-09-18 10:25:03	2024-09-24 01:45:12	2.5 kB	6.0 kB	172.240.108.84
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-09-24 07:54:34	729 B	471 B	192.243.61.227
recordedthereby.com	unknown	2024-05-08	2024-05-14 07:24:53	2024-09-24 09:46:19	396 B	86 kB	104.21.91.24
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-09-24 08:15:45	421 B	418 B	52.29.233.155
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-24 14:07:48	981 B	2.7 kB	23.36.76.226
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-09-24 15:04:45	416 B	106 kB	142.250.74.168
bereaveencodefestive.com	unknown	2024-08-12	2024-09-18 10:37:16	2024-09-24 01:59:52	2.5 kB	6.0 kB	192.243.61.225
libgen.li	224851	unknown	2019-12-08 14:57:38	2024-09-21 01:59:38	7.0 kB	361 kB	104.21.57.230
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-17 16:43:04	2024-09-24 09:46:19	1.3 kB	690 kB	45.133.44.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-24	medium	bereaveencodefestive.com	Sinkholed
2024-09-24	medium	bereaveencodefestive.com	Sinkholed
2024-09-24	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E	ScriptElement	153 B	2024-05-16	2025-02-27
Pretty URL libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-16 06:56 Last Seen2025-02-27 02:14 Times Seen69 Hash 7dfec06ba25105434862ecdcc165ea7e b794f40cc79a92a7c40d099ba2ff97d4deae241a c6cbfe0f8390cca59a792eb3716e71c5f91025940c753b13b6c7f12cbd24658d Loading...

	libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E	ScriptElement	280 B	2024-09-24	2025-04-18
Pretty URL libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-24 17:35 Last Seen2025-04-18 13:18 Times Seen37 Hash 905932b9c6e2d088b2a08c225e979235 c6e8e216ae510f9b15c9254c2b070d58bcc2b1df 3c092ddc485e70b88831bc64f81dd14055eb005850ef183800a680b094d1a697 Loading...

	libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E	ScriptElement	344 B	2024-09-24	2024-12-31
Pretty URL libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-24 17:35 Last Seen2024-12-31 17:52 Times Seen9 Hash c7a6b4b89b7c80cefbee98bfaf59c696 26a455816ba2c19a90cb590fa81385e130c6499c 44bfaf26f67b8992f7857c6326930ac2cd0dd93518e139eef64879f2ee33dd10 Loading...

	libgen.li/js/form-validation.js	ScriptElement	686 B	2023-03-07	2025-06-26
Pretty URL libgen.li/js/form-validation.js IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-26 02:40 Times Seen202 Hash 0b7eb3e3f49c158dcc9f4787dc1eb2d5 f1426bab12a38e3c7be0924785b6808de919be15 ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34 Loading...

	inscribemutenessforced.com//invoke.js	ScriptElement	0 B	0001-01-01	2025-06-27
Pretty URL inscribemutenessforced.com//invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-06-27 05:55 Times Seen5153910 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	libgen.li/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.0 kB	2024-09-28	2024-09-28
Pretty URL libgen.li/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen2 Hash 4b1a5f0df2eed96fb89fed923a09acab 62771476f46f42a9906e0e216effa56bc06ac8f3 07c75b23ba4be16cafafdd859f6d849c940494d8135f9b30f6e29b034d6c62de Loading...

	unknown	ScriptElement	145 B	2024-09-24	2024-12-31
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-24 17:35 Last Seen2024-12-31 17:52 Times Seen9 Hash 865ad8151d25a95829c56e046a4eb27f de5f06104edc21b08450dcab8496cd14e7eaf554 c5b75b15a938b9737d3e62cd2626ae0b32c6aa563e656bb56aba7da1ebc21366 Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-06-27
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-27 05:55 Times Seen224847 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	libgen.li/js/dark-mode-switch.js	ScriptElement	2.9 kB	2023-03-07	2025-06-26
Pretty URL libgen.li/js/dark-mode-switch.js IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-26 02:40 Times Seen202 Hash 9ca505b605f0247bb2db2e8ba898ac2a 576412cb53709781f9be65f9b3b08d9d51494a75 2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 104.21.91.24 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js	ScriptElement	24 kB	2024-09-28	2024-09-28
Pretty URL inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash 1150f7123dc93798fa705494f191c557 4c689e5a4666de901dce091b2a434b18461518d9 69f721119997e695dfeda7ee4159584ebed12c62621049e16516c00b62af8f45 Loading...

	inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js	ScriptElement	24 kB	2024-09-24	2024-10-11
Pretty URL inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-24 17:35 Last Seen2024-10-11 09:00 Times Seen4 Hash 5cd69e88e42e42a0e3ae6978f25f0d45 36e08208c38e81b3e3143981a458e80416077939 fb94d3c73a86ef24ecad03af6afb2b2412d62bcaa96a54989c4ebfc9a722df63 Loading...

	unknown	ScriptElement	3.4 kB	2024-09-28	2024-09-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash 7c018c43f6e80fc5e7ac77e25dc1d99e a8d927626b7925b5b980b1351aef975fa51865f8 6f0f05c08c9b67f23c41645378eb10461b04628501c780c1cb22261e4f825e55 Loading...

	www.googletagmanager.com/gtag/js?id=G-K76L8NRWEJ	ScriptElement	317 kB	2024-09-28	2024-09-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-K76L8NRWEJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash d0715e10b4e08f09f8fec955f764a36d 2fc090a365e4a9098c7e1fa4e69469f3108ba7f0 6d057d640c54e8ad1a75be2b45e0e5d384b2fe4589934b46204831ea769f6945 Loading...

	inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js	ScriptElement	24 kB	2024-09-28	2024-09-28
Pretty URL inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash d68408506f9990f3a554e6005306b63a 98fe3cc2d335c6b7d72673c4e0bb6d02782f3c2e f284cc8162bd347e177660e1bc83da53ae243abfe9c3d2c39aa1a3c8aaf055b0 Loading...

	libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-06-27
Pretty URL libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-27 05:55 Times Seen79367 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	inscribemutenessforced.com/e0/07/69/e0076952392f58c5dd9db43debf2f780.js	ScriptElement	95 kB	2024-09-24	2024-09-28
Pretty URL inscribemutenessforced.com/e0/07/69/e0076952392f58c5dd9db43debf2f780.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-24 17:35 Last Seen2024-09-28 08:00 Times Seen2 Hash b8db7f18b6e8be09047bc68a65a947f7 d07a05ea55c27b289d5af624c40bb24feea7f9f8 2074ef6b08411fc1520599e5630a9068eec66f01de4f8e8e2f51dc96557deed9 Loading...

	unknown	ScriptElement	3.4 kB	2024-09-28	2024-09-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash 703af14261e9d777e0517655c49b1005 16f710bab4cc98ea8e66c324674b9dd30ab83882 b10e467f725f5c2893adc5b6a0f2a169f868d25d9876625569682920cc174321 Loading...

	unknown	ScriptElement	3.4 kB	2024-09-28	2024-09-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash 5a3112f67324dbe8e25313a7948a3795 b3dfab3095b5cba89f4de82a3cdfaad1149f6428 b7b0b9a3f50a5574d0d5555e9e26cd90d5213809d7ae63dc7bf6c6e178d43168 Loading...

	libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E	ScriptElement	104 B	2023-03-07	2025-06-26
Pretty URL libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-26 02:40 Times Seen201 Hash def44b42463054e6a3ca51c280766b6e e1524e0ecc5f06477961900160e1dbbacfc660c6 d37f576c2402a765c4c20adfb2f120d139506ff6526cff2dea6cb7da5f611c5c Loading...

	libgen.li/js/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-06-26
Pretty URL libgen.li/js/popper.min.js IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-26 23:52 Times Seen245 Hash c2457ff14b8092f06f6d6610b202ec7f 6465bce461e777d6871c2d8dead3f6cfbbfab664 c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js	ScriptElement	63 kB	2023-03-07	2025-06-26
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-26 16:09 Times Seen1461 Hash f20fa8b102f205141295cdefd6ffe449 0c4e8445f6f0c9611dc1c13dc6f085eb4bcaca0b d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js	ScriptElement	84 kB	2023-03-07	2025-06-27
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-27 05:15 Times Seen6340 Hash 7f389f5d2622ce2090eca7c36bcb90bc ab27031159724e2421f6ff5c70f48e657abe9d39 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01 Loading...

	libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E	ScriptElement	921 B	2024-09-28	2024-09-28
Pretty URL libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E IP 104.21.57.230 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash b2bdf370ee6959d7787fedb602bf6780 849656f8ea28cb9fe80e6e62fce2914e8f9b5b37 7b74f13ccf6b679524c864c276c4cacadfd2e8049f5be56494e4f4a9c4fa7d4e Loading...

	unknown	ScriptElement	236 B	2024-09-28	2024-09-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash 61200774bc7aa2a1b927cf8ab3df948f cc256a78aeba982d7457a0e42d9f685b4ffb77f7 87829f549cc12b9c411aac0a432f3faa018b6789637666a4cf51a310e2a440e5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5318982f5bb3359da4abfd555f4007b0	2.1 kB	2024-09-28 08:00	2024-09-28 08:00
Pretty Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash 5318982f5bb3359da4abfd555f4007b0 c6bc2b8fedc1477b5d13fdd1a1ad332529d1de40 bd7d259451839329bf2b7ff2dd472769e92c4fd47a93a0e90c0e04b4035a1be5 Loading...

	#2 Eval - dc7cf2f371363eaef942775e5614c90c	2.1 kB	2024-09-28 08:00	2024-09-28 08:00
Pretty Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash dc7cf2f371363eaef942775e5614c90c b819f3596eaf7d35fbd0b5a4c03484a4032a7195 5d7836c27abe0a3ac821f8e77bf978f5bfddc22afc4b9da9e1ab02654071bb9e Loading...

	#3 Eval - 371fc0439603ef17614619a81551accd	2.1 kB	2024-09-28 08:00	2024-09-28 08:00
Pretty Observations First Seen2024-09-28 08:00 Last Seen2024-09-28 08:00 Times Seen1 Hash 371fc0439603ef17614619a81551accd 47a4ca434dfc0aea85e1e3b154d7aa0b4b3d764a 5471ec042f394c99aac15a2de1bbde4d6365b3112e8e174113ffa0be82165a7f Loading...

		Size	First Seen	Last Seen
	#1 Write - bc563bdf884c0d2b83792b927aef1512	92 B	2024-09-24 17:35	2025-04-18 13:18
Pretty Observations First Seen2024-09-24 17:35 Last Seen2025-04-18 13:18 Times Seen37 Hash bc563bdf884c0d2b83792b927aef1512 e85caef091b6d7df3df4da40417225fce20e8f63 a0dd93b255c5f0bc6900881eeb365566cfc1609f416c36cfce72d3a4a9767d9d Loading...

	#2 Write - 06f3f85ab405672796982548ac2b2fda	124 B	2024-09-24 17:35	2024-12-31 17:52
Pretty Observations First Seen2024-09-24 17:35 Last Seen2024-12-31 17:52 Times Seen9 Hash 06f3f85ab405672796982548ac2b2fda 58ecc315f07b31f96a4ac49914878b4f9aa84324 abc221fe813d21d512cddc9fd9267c6bf361ca32abea928ba09a1e8797e2edb6 Loading...

HTTP Transactions (40)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
c6c7d535128f9eb2ec6dcd3d7d62919a
5aaa50926b462ccfc32d84db180a9af68e4d6b46
d498f9efc3307515c07f69fe4e630319e60c13d37700b7f35297c9b8d442b690

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D498F9EFC3307515C07F69FE4E630319E60C13D37700B7F35297C9B8D442B690"
Last-Modified: Sun, 22 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5906
Expires: Tue, 24 Sep 2024 17:13:31 GMT
Date: Tue, 24 Sep 2024 15:35:05 GMT
Connection: keep-alive

GET cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

104.18.187.31

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65326)
Size
24 kB (23906 bytes)
Hash
023b3876bb73aa541367fc40a193d2b7
8ed2d6350d23f857d92805737d0f97c675de666b
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: text/css; charset=utf-8
content-length: 23906
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
x-served-by: cache-fra-etou8220099-FRA, cache-lga21974-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7019298
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQAt5lpva8bdOnoT7qixooRRmxxQi%2BkCdDwUtd%2BIr%2FYEvok0wU2EFSyBLR29eVd0v%2F9A8JPNax%2BnKv1W7LsH5pdGBXliWwFCErdHiXDUNYV8AphOb562OsNxFxyi9qujhIA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83d7a90f605699-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

104.18.187.31

200 OK

22 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
22 kB (21773 bytes)
Hash
7f389f5d2622ce2090eca7c36bcb90bc
ab27031159724e2421f6ff5c70f48e657abe9d39
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 21773
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
x-served-by: cache-fra-etou8220114-FRA, cache-lga21959-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 8916402
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyVfm6uwtHpw90ah3PXZ9zPciA4tSkswrleOMp3XKxXRVr7n803FJChcSyCgExOmqiM4YNDDKEgu4l3Zc%2Fb6n0i3Mx%2B%2BISPhpVJjQ3dxRqnmghqS8uyxY6ezSJ94KjAzS2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83d7a90974b50f-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

104.18.187.31

200 OK

15 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (62961)
Size
15 kB (14911 bytes)
Hash
f20fa8b102f205141295cdefd6ffe449
0c4e8445f6f0c9611dc1c13dc6f085eb4bcaca0b
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 14911
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
content-encoding: gzip
x-served-by: cache-fra-etou8220064-FRA, cache-lga21938-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 8921911
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDdmIDfTsb8S0iTQA5qbIXFZxD3CLiTFGYav0g3A4u7D%2FuOyEmwwrfbpSNaI1bbJpNITt3GQipUB64k4gqNESvagYZfHFEYE0dfPAn3FXCG3rrX1476AgXGmRCfpe7TOdxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83d7a9096fb50f-OSL
X-Firefox-Spdy: h2

GET libgen.li/img/logo.png

104.21.57.230

200 OK

2.0 kB

URL GET HTTP/2
libgen.li/img/logo.png
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
PNG image data, 64 x 90, 8-bit colormap, non-interlaced
Size
2.0 kB (1976 bytes)
Hash
1d7aaa9da9adc174db1fb4c6a69d7bfb
b5acc94460f3609334599b914bede8beb085b669
4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: image/png
content-length: 1976
last-modified: Sat, 30 May 2020 06:17:58 GMT
etag: "5ed1fa96-7b8"
expires: Sun, 29 Sep 2024 05:42:53 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 208333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvARPb0O56YFkA%2BDG9g7jUEWdXYKt5%2FlxHbKD0m3ncZf67ayMjs4SYFjnllhxqOiUUtOSlWtlzyRfcQZ%2FDTD7TpkujJeIfbMT7%2BeRI%2Bevj2z71cenCO4iGTH7gE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7a8faff66b4-AMS
X-Firefox-Spdy: h2

GET libgen.li/fictioncovers/613000/f127e406ce326b7529d6c39fab14b302.jpg

104.21.57.230

200 OK

36 kB

URL GET HTTP/2
libgen.li/fictioncovers/613000/f127e406ce326b7529d6c39fab14b302.jpg
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 331x500, components 3
Size
36 kB (35575 bytes)
Hash
f60b26b66b28663ec6c75a87623c3d67
ffa6702d420d9d8d5209870b27293ad72da94597
a9a2dc461c883e0a67b8a60d62d5657df16e1ca4be8ee86204231d02c3085983

HTTP Headers

GET /fictioncovers/613000/f127e406ce326b7529d6c39fab14b302.jpg HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: image/jpeg
content-length: 35575
last-modified: Mon, 13 Aug 2012 22:25:34 GMT
etag: "100000169be95-8af7-4c72d2c1ef464"
expires: Mon, 30 Sep 2024 21:02:20 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 66766
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pAfQsIeZlDZXSyDvcvPL2hB2lia9Jtii09TTAvvOBL41S8iTTHwdzbiGm7lFD8MHGp36gnZMlsPv0rJpp1%2BQ%2FpfYmOkfdGgviIwhqGnie6nOF4xfBcrtN4Tvws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7a8fb0b66b4-AMS
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.6.0.min.js

151.101.194.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 24 Sep 2024 15:35:06 GMT
age: 3384212
x-served-by: cache-lga21931-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 1273207
x-timer: S1727192106.499123,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-K76L8NRWEJ

142.250.74.168

200 OK

105 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-K76L8NRWEJ
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint8F:FB:38:1E:52:FC:DC:A9:59:49:87:DE:AC:8B:98:2B:57:09:5D:BA
ValidityMon, 26 Aug 2024 06:33:47 GMT - Mon, 18 Nov 2024 06:33:46 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
105 kB (104930 bytes)
Hash
d0715e10b4e08f09f8fec955f764a36d
2fc090a365e4a9098c7e1fa4e69469f3108ba7f0
6d057d640c54e8ad1a75be2b45e0e5d384b2fe4589934b46204831ea769f6945

HTTP Headers

GET /gtag/js?id=G-K76L8NRWEJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Sep 2024 15:35:06 GMT
expires: Tue, 24 Sep 2024 15:35:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET inscribemutenessforced.com/e0/07/69/e0076952392f58c5dd9db43debf2f780.js

172.240.127.234

200 OK

34 kB

URL GET HTTP/1.1
inscribemutenessforced.com/e0/07/69/e0076952392f58c5dd9db43debf2f780.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectinscribemutenessforced.com
Fingerprint18:90:04:3A:9C:14:A1:5F:09:B5:9E:F1:A5:F2:62:B4:0B:F8:E1:98
ValidityMon, 19 Aug 2024 21:28:47 GMT - Sun, 17 Nov 2024 21:28:46 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33615 bytes)
Hash
b8db7f18b6e8be09047bc68a65a947f7
d07a05ea55c27b289d5af624c40bb24feea7f9f8
2074ef6b08411fc1520599e5630a9068eec66f01de4f8e8e2f51dc96557deed9

HTTP Headers

GET /e0/07/69/e0076952392f58c5dd9db43debf2f780.js HTTP/1.1
Host: inscribemutenessforced.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: inscribemutenessforced.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: eec97d1ea311490fcd75fc44d2fc02ef
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET inscribemutenessforced.com//invoke.js

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
inscribemutenessforced.com//invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectinscribemutenessforced.com
Fingerprint18:90:04:3A:9C:14:A1:5F:09:B5:9E:F1:A5:F2:62:B4:0B:F8:E1:98
ValidityMon, 19 Aug 2024 21:28:47 GMT - Sun, 17 Nov 2024 21:28:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET //invoke.js HTTP/1.1
Host: inscribemutenessforced.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: inscribemutenessforced.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1a6bd442472349512ffa8b2a20258e43
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET libgen.li/js/popper.min.js

104.21.57.230

200 OK

7.1 kB

URL GET HTTP/2
libgen.li/js/popper.min.js
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
7.1 kB (7057 bytes)
Hash
c2457ff14b8092f06f6d6610b202ec7f
6465bce461e777d6871c2d8dead3f6cfbbfab664
c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591

HTTP Headers

GET /js/popper.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: application/javascript
last-modified: Sun, 16 May 2021 04:13:40 GMT
etag: W/"60a09bf4-4ace"
expires: Sun, 29 Sep 2024 05:42:54 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 208332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQ0rWgvTZOmiljY6XbU0ZKUzhm3n57NOPBPmdapArPJmKYzrr6LvGU9eOCNdfRwHUkn4U5WlYAKvuJLGw3xZVb%2FQWntEbyS8D9FMDy2fKqql73aeQLWAPCXzCGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7a90b1266b4-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js

172.240.127.234

200 OK

11 kB

URL GET HTTP/1.1
inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectinscribemutenessforced.com
Fingerprint18:90:04:3A:9C:14:A1:5F:09:B5:9E:F1:A5:F2:62:B4:0B:F8:E1:98
ValidityMon, 19 Aug 2024 21:28:47 GMT - Sun, 17 Nov 2024 21:28:46 GMT

File type
JavaScript source, ASCII text, with very long lines (23796), with no line terminators
Size
11 kB (10803 bytes)
Hash
d68408506f9990f3a554e6005306b63a
98fe3cc2d335c6b7d72673c4e0bb6d02782f3c2e
f284cc8162bd347e177660e1bc83da53ae243abfe9c3d2c39aa1a3c8aaf055b0

HTTP Headers

GET /c778e5bd7ce6d388d13402003c87d827/invoke.js HTTP/1.1
Host: inscribemutenessforced.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: inscribemutenessforced.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 56c1045e788d69f3f433a9470a1ab4a3
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js

172.240.127.234

200 OK

11 kB

URL GET HTTP/1.1
inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectinscribemutenessforced.com
Fingerprint18:90:04:3A:9C:14:A1:5F:09:B5:9E:F1:A5:F2:62:B4:0B:F8:E1:98
ValidityMon, 19 Aug 2024 21:28:47 GMT - Sun, 17 Nov 2024 21:28:46 GMT

File type
JavaScript source, ASCII text, with very long lines (23817), with no line terminators
Size
11 kB (10809 bytes)
Hash
1150f7123dc93798fa705494f191c557
4c689e5a4666de901dce091b2a434b18461518d9
69f721119997e695dfeda7ee4159584ebed12c62621049e16516c00b62af8f45

HTTP Headers

GET /c778e5bd7ce6d388d13402003c87d827/invoke.js HTTP/1.1
Host: inscribemutenessforced.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: inscribemutenessforced.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1189251911d200488893293cc1980cfa
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET lookebonyhill.com/pixel/purst?dl=0&th=0&sc=0&rs=1218&rd=1218&fd=603&bv=24.8.8162&tmpl=70

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
lookebonyhill.com/pixel/purst?dl=0&th=0&sc=0&rs=1218&rd=1218&fd=603&bv=24.8.8162&tmpl=70
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectlookebonyhill.com
FingerprintA5:4E:58:F3:DE:89:E0:64:A8:D1:F9:4A:03:0A:51:24:D9:27:AC:EA
ValidityMon, 12 Aug 2024 09:53:54 GMT - Sun, 10 Nov 2024 09:53:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1218&rd=1218&fd=603&bv=24.8.8162&tmpl=70 HTTP/1.1
Host: lookebonyhill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Length: 0
Connection: keep-alive
Host: lookebonyhill.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js

172.240.127.234

200 OK

11 kB

URL GET HTTP/1.1
inscribemutenessforced.com/c778e5bd7ce6d388d13402003c87d827/invoke.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectinscribemutenessforced.com
Fingerprint18:90:04:3A:9C:14:A1:5F:09:B5:9E:F1:A5:F2:62:B4:0B:F8:E1:98
ValidityMon, 19 Aug 2024 21:28:47 GMT - Sun, 17 Nov 2024 21:28:46 GMT

File type
JavaScript source, ASCII text, with very long lines (23790), with no line terminators
Size
11 kB (10800 bytes)
Hash
5cd69e88e42e42a0e3ae6978f25f0d45
36e08208c38e81b3e3143981a458e80416077939
fb94d3c73a86ef24ecad03af6afb2b2412d62bcaa96a54989c4ebfc9a722df63

HTTP Headers

GET /c778e5bd7ce6d388d13402003c87d827/invoke.js HTTP/1.1
Host: inscribemutenessforced.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: inscribemutenessforced.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e02f7e99609193eafd883f5fd50f6634
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET libgen.li/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.57.230

302 Found

0 B

URL GET HTTP/2
libgen.li/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_K76L8NRWEJ=GS1.1.1727192106.1.0.1727192106.0.0.0; _ga=GA1.1.944064816.1727192107; dom3ic8zudi28v8lr6fgphwffqoz0j6c=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1; pp_main_e0076952392f58c5dd9db43debf2f780=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 24 Sep 2024 15:35:07 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeWvGz1lk2pOSzc5D%2FwIoG3l4W6FD4bAuVa2jJxU9UZKZIA22IXM2iV0gh4G5jqsbOrFhCmpjaYa6a2YAsYOsuLTtjefxV8c9v5ku9yUmQmyeYHHT8JYfjKRPLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7b05f7e66b4-AMS
X-Firefox-Spdy: h2

GET libgen.li/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

104.21.57.230

200 OK

5.9 kB

URL GET HTTP/2
libgen.li/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
JavaScript source, ASCII text, with very long lines (8026), with no line terminators
Size
5.9 kB (5924 bytes)
Hash
4b1a5f0df2eed96fb89fed923a09acab
62771476f46f42a9906e0e216effa56bc06ac8f3
07c75b23ba4be16cafafdd859f6d849c940494d8135f9b30f6e29b034d6c62de

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ga_K76L8NRWEJ=GS1.1.1727192106.1.0.1727192106.0.0.0; _ga=GA1.1.944064816.1727192107; dom3ic8zudi28v8lr6fgphwffqoz0j6c=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1; pp_main_e0076952392f58c5dd9db43debf2f780=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:07 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wexelr%2FTBWfivJsPqqMIVcyB9c9uPG%2BkY32hP0nkiFW%2FNxetviQDma4PQd7NH1oxiISC4KXncwOrAdZ3U1f%2FoKuNoS%2FIHtM28H5IJqXSVa%2Fjb2%2Bf02gYrf3OK4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7b08fd666b4-AMS
content-encoding: br
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7cb1003f97de4a8a857c80dd144d181
e78be90ace5d3ddd57d2e1b747fef62884bb4f8c
4c324420c3abc9e8795ed9261a04cd1ca1b3239aac8a5de895550da74f7a605a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4C324420C3ABC9E8795ED9261A04CD1CA1B3239AAC8A5DE895550DA74F7A605A"
Last-Modified: Mon, 23 Sep 2024 03:01:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4894
Expires: Tue, 24 Sep 2024 16:56:41 GMT
Date: Tue, 24 Sep 2024 15:35:07 GMT
Connection: keep-alive

GET libgen.li/css/font.min.css

104.21.57.230

200 OK

11 kB

URL GET HTTP/2
libgen.li/css/font.min.css
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
gzip compressed data, max speed, from Unix
Size
11 kB (10790 bytes)
Hash
8bc2c0de8ff7ab0ad4742a7d551640fa
5ca8b5daabe0126bba7d0cb86b2b9c81a1df286d
d4b8ada5a040b7d0b786ddd6ca684a6ba50d10434d079fb859f2f8f039fc88b9

HTTP Headers

GET /css/font.min.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: text/css
last-modified: Wed, 09 Jun 2021 18:13:05 GMT
vary: Accept-Encoding
etag: W/"60c104b1-25d7"
expires: Sun, 29 Sep 2024 05:42:53 GMT
cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 208333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ul1cL2%2FWkYiMLynifST7Amnq%2Blddt7SDGMojXNIoXnTYMYnWPsfYvDpdvdaCv4c0O2UvIWokq%2FgPCrDgD0uMSOzHnhUHrTjhtrByF9vMjhLq%2B%2F82eKA%2FzdVqJrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83d7a8faee66b4-AMS
X-Firefox-Spdy: h2

GET lookebonyhill.com/watch.983079202252.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1

192.243.61.225

307 Temporary Redirect

0 B

URL GET HTTP/1.1
lookebonyhill.com/watch.983079202252.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectlookebonyhill.com
FingerprintA5:4E:58:F3:DE:89:E0:64:A8:D1:F9:4A:03:0A:51:24:D9:27:AC:EA
ValidityMon, 12 Aug 2024 09:53:54 GMT - Sun, 10 Nov 2024 09:53:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.983079202252.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1 HTTP/1.1
Host: lookebonyhill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://lookebonyhill.com/watch.983079202252.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=f5acb106c42f555e947894dbd250f84adfc5121f40ce919e5d9ac695b0eb7f3b76389f7624d09f97673a0274d3b876c739e89b7080d22df2f9e52c3286e54eec1e599211fd74b93c5107f15f8fa3e56a6f372bd8be7350ddecef423330&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
Set-Cookie: u_pl=18184052; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE4NDA1MiwiayI6ImM3NzhlNWJkN2NlNmQzODhkMTM0MDIwMDNjODdkODI3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTY5NzE1LCJwaWQiOjk1MjcyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5NnFwZGk3YzgiLCJjcGtzIjp7IjI4IjoiMmU0ODAzODUzNjMyMTgxNjQxZDI3MjI4NWY2NWZiMGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGliZ2VuLmxpL2Fkc2YxMjdlNDA2Y2UzMjZiNzUyOWQ2YzM5ZmFiMTRiMzAyS1VIVTJYNkUiLCJhciI6W119fQ.hJcUJbdQ6M8GHmJGGU7usLOYEbqFwOL5l9AsKy6s9TE; expires=Tue, 24 Sep 2024 15:36:07 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 19285ddc22bc3ac9751547e48d377722
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET bereaveencodefestive.com/watch.862257098562.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1

192.243.61.225

307 Temporary Redirect

0 B

URL GET HTTP/1.1
bereaveencodefestive.com/watch.862257098562.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectbereaveencodefestive.com
Fingerprint76:D0:4C:84:D4:59:5D:7E:2F:F7:8A:3B:01:21:44:C0:05:BC:99:23
ValidityMon, 12 Aug 2024 09:52:42 GMT - Sun, 10 Nov 2024 09:52:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.862257098562.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1 HTTP/1.1
Host: bereaveencodefestive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://bereaveencodefestive.com/watch.862257098562.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=b96ad61de4371869a480c683291f39d80b6739f55a196c939421642293493c178fd3c70ef4f3bd697606d6ec133d7188a9bf16a3d4e04863f126767c67e1df37541c38838a07cb7baf3d52c24cf99dc2dd500d8c4267e9e0caffbe&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
Set-Cookie: u_pl=18184052; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE4NDA1MiwiayI6ImM3NzhlNWJkN2NlNmQzODhkMTM0MDIwMDNjODdkODI3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTY5NzE1LCJwaWQiOjk1MjcyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5NnFwZGk3YzgiLCJjcGtzIjp7IjI4IjoiMmU0ODAzODUzNjMyMTgxNjQxZDI3MjI4NWY2NWZiMGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGliZ2VuLmxpL2Fkc2YxMjdlNDA2Y2UzMjZiNzUyOWQ2YzM5ZmFiMTRiMzAyS1VIVTJYNkUiLCJhciI6W119fQ.hJcUJbdQ6M8GHmJGGU7usLOYEbqFwOL5l9AsKy6s9TE; expires=Tue, 24 Sep 2024 15:36:07 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: fff0d354ab906ed1fea3741bc5a2cda2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

POST libgen.li/cdn-cgi/challenge-platform/h/g/jsd/r/8c83d7a5ed1d66b4

104.21.57.230

200 OK

0 B

URL POST HTTP/2
libgen.li/cdn-cgi/challenge-platform/h/g/jsd/r/8c83d7a5ed1d66b4
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/8c83d7a5ed1d66b4 HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12205
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Cookie: _ga_K76L8NRWEJ=GS1.1.1727192106.1.0.1727192106.0.0.0; _ga=GA1.1.944064816.1727192107; dom3ic8zudi28v8lr6fgphwffqoz0j6c=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1; pp_main_e0076952392f58c5dd9db43debf2f780=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.libgen.li; HttpOnly; Secure; SameSite=None
cf_clearance=Uq72U7t04vFpwISzaw203qFm.1.VmXS6DEhTrqiRqFk-1727192107-1.2.1.1-xIwTILlW36qV8ih7XDPVdD9CNM7DHERAqOqGUza3jSbP8mcgBKipapzH9S3INm5mgoDC8.rObfUmvNKqPFXQ2W2S67tjmgPi0JPhdnhcfrUlwvSCdEIDu5Cc0LK9xNb3wQCKGnsa5JWQYw71W1Rvpm1ClqEouc8_DCcJm9vB5Hvnzj.nLl0NKS624hSVfuUaDgtI8AlYhFErHuTngLl30E5MhNmDgFng1g3T8RSRI5bpgBmYUiSvIO5S2._M0itNhBPh_N9nrOd1HeOql1eT71bIQXDDAnHcyxLORTUle_XFSc_Y5Xkav4o31221cr0cFJS248.OjEiaO4T06yucvA; Path=/; Expires=Wed, 24-Sep-25 15:35:07 GMT; Domain=.libgen.li; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZKj9890WfT2NbuhPdnstfoMAmbkLZPY2YmOBmapb4hfViFbnBgAewYIYyOnU9w4nZWzOyBPP5WDf1uGxtv2Kq5F51A1aJDN6FDW41i5ZwphEGjQxxNLO8dC6Zo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83d7b20a7a66b4-AMS
X-Firefox-Spdy: h2

GET obtaintrout.com/watch.815080856709.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1

172.240.108.84

307 Temporary Redirect

0 B

URL GET HTTP/1.1
obtaintrout.com/watch.815080856709.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectobtaintrout.com
Fingerprint7F:96:95:14:A5:D4:8F:37:DD:C6:1F:C0:FF:7C:EE:6A:A6:93:DA:D4
ValidityMon, 12 Aug 2024 09:57:29 GMT - Sun, 10 Nov 2024 09:57:28 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.815080856709.js?key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&tz=0&dev=e&res=14.2071&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1 HTTP/1.1
Host: obtaintrout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Location: https://obtaintrout.com/watch.815080856709.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=49e437054bd349b6e185af83331491ba536048f1fb50f3f56b86ef94304476a90494659d275c7e95c5e019fe0628439d784110f1a795a54de738f3309332e7ce15ed464a7b53317c2461ab714f11c1c4714ec79f28f41e7f45c875&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
Set-Cookie: u_pl=18184052; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE4NDA1MiwiayI6ImM3NzhlNWJkN2NlNmQzODhkMTM0MDIwMDNjODdkODI3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTY5NzE1LCJwaWQiOjk1MjcyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5NnFwZGk3YzgiLCJjcGtzIjp7IjI4IjoiMmU0ODAzODUzNjMyMTgxNjQxZDI3MjI4NWY2NWZiMGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGliZ2VuLmxpL2Fkc2YxMjdlNDA2Y2UzMjZiNzUyOWQ2YzM5ZmFiMTRiMzAyS1VIVTJYNkUiLCJhciI6W119fQ.hJcUJbdQ6M8GHmJGGU7usLOYEbqFwOL5l9AsKy6s9TE; expires=Tue, 24 Sep 2024 15:36:07 GMT; path=/; secure; SameSite=None
Host: obtaintrout.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a15de41bcbd3ac707b94baaa96c9b8af
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintE3:36:E7:35:50:1D:3D:F0:47:9F:E5:94:90:B5:48:C0:67:A2:2B:8A
ValidityTue, 03 Sep 2024 21:28:57 GMT - Mon, 02 Dec 2024 21:28:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7c0b8ac44f895d1c001449803aa5674b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET bereaveencodefestive.com/watch.862257098562.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=b96ad61de4371869a480c683291f39d80b6739f55a196c939421642293493c178fd3c70ef4f3bd697606d6ec133d7188a9bf16a3d4e04863f126767c67e1df37541c38838a07cb7baf3d52c24cf99dc2dd500d8c4267e9e0caffbe&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1

192.243.61.225

200 OK

2.1 kB

URL GET HTTP/1.1
bereaveencodefestive.com/watch.862257098562.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=b96ad61de4371869a480c683291f39d80b6739f55a196c939421642293493c178fd3c70ef4f3bd697606d6ec133d7188a9bf16a3d4e04863f126767c67e1df37541c38838a07cb7baf3d52c24cf99dc2dd500d8c4267e9e0caffbe&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectbereaveencodefestive.com
Fingerprint76:D0:4C:84:D4:59:5D:7E:2F:F7:8A:3B:01:21:44:C0:05:BC:99:23
ValidityMon, 12 Aug 2024 09:52:42 GMT - Sun, 10 Nov 2024 09:52:41 GMT

File type
JavaScript source, ASCII text, with very long lines (2526)
Size
2.1 kB (2051 bytes)
Hash
20e3266bddc2dea41ac7aa5fd1db9318
87f025f396a9cd4597175687ca087c474f1e8d82
a1ed5bf160dad2d9e6758f071faa990cce908b5a7d34b4143cac77c65448d1d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.862257098562.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=b96ad61de4371869a480c683291f39d80b6739f55a196c939421642293493c178fd3c70ef4f3bd697606d6ec133d7188a9bf16a3d4e04863f126767c67e1df37541c38838a07cb7baf3d52c24cf99dc2dd500d8c4267e9e0caffbe&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1 HTTP/1.1
Host: bereaveencodefestive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18184052; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE4NDA1MiwiayI6ImM3NzhlNWJkN2NlNmQzODhkMTM0MDIwMDNjODdkODI3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTY5NzE1LCJwaWQiOjk1MjcyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5NnFwZGk3YzgiLCJjcGtzIjp7IjI4IjoiMmU0ODAzODUzNjMyMTgxNjQxZDI3MjI4NWY2NWZiMGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGliZ2VuLmxpL2Fkc2YxMjdlNDA2Y2UzMjZiNzUyOWQ2YzM5ZmFiMTRiMzAyS1VIVTJYNkUiLCJhciI6W119fQ.hJcUJbdQ6M8GHmJGGU7usLOYEbqFwOL5l9AsKy6s9TE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=66934a27-8689-4a8d-98df-ef7f5420a4c9:1:1; expires=Tue, 01 Oct 2024 15:35:07 GMT; path=/; secure; SameSite=None
iprc15529dbf8f9d0e6834bc1c46cf699730=5260140; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
uncs=1; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ffdd2b97cdbed506999d6ed4e8bc1547
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET lookebonyhill.com/watch.983079202252.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=f5acb106c42f555e947894dbd250f84adfc5121f40ce919e5d9ac695b0eb7f3b76389f7624d09f97673a0274d3b876c739e89b7080d22df2f9e52c3286e54eec1e599211fd74b93c5107f15f8fa3e56a6f372bd8be7350ddecef423330&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1

172.240.108.68

200 OK

2.1 kB

URL GET HTTP/1.1
lookebonyhill.com/watch.983079202252.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=f5acb106c42f555e947894dbd250f84adfc5121f40ce919e5d9ac695b0eb7f3b76389f7624d09f97673a0274d3b876c739e89b7080d22df2f9e52c3286e54eec1e599211fd74b93c5107f15f8fa3e56a6f372bd8be7350ddecef423330&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectlookebonyhill.com
FingerprintA5:4E:58:F3:DE:89:E0:64:A8:D1:F9:4A:03:0A:51:24:D9:27:AC:EA
ValidityMon, 12 Aug 2024 09:53:54 GMT - Sun, 10 Nov 2024 09:53:53 GMT

File type
JavaScript source, ASCII text, with very long lines (2529)
Size
2.1 kB (2053 bytes)
Hash
c337bcbad0fc43cc62427d40dae951c7
bc1bd5fef108c717217778eabc514011e8263288
2d7b2533b2a479f4211aa6a39ef3a656c16cd02000514393e56c774d239e055d

HTTP Headers

GET /watch.983079202252.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=f5acb106c42f555e947894dbd250f84adfc5121f40ce919e5d9ac695b0eb7f3b76389f7624d09f97673a0274d3b876c739e89b7080d22df2f9e52c3286e54eec1e599211fd74b93c5107f15f8fa3e56a6f372bd8be7350ddecef423330&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1 HTTP/1.1
Host: lookebonyhill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18184052; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE4NDA1MiwiayI6ImM3NzhlNWJkN2NlNmQzODhkMTM0MDIwMDNjODdkODI3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTY5NzE1LCJwaWQiOjk1MjcyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5NnFwZGk3YzgiLCJjcGtzIjp7IjI4IjoiMmU0ODAzODUzNjMyMTgxNjQxZDI3MjI4NWY2NWZiMGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGliZ2VuLmxpL2Fkc2YxMjdlNDA2Y2UzMjZiNzUyOWQ2YzM5ZmFiMTRiMzAyS1VIVTJYNkUiLCJhciI6W119fQ.hJcUJbdQ6M8GHmJGGU7usLOYEbqFwOL5l9AsKy6s9TE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=66934a27-8689-4a8d-98df-ef7f5420a4c9:1:1; expires=Tue, 01 Oct 2024 15:35:07 GMT; path=/; secure; SameSite=None
iprc4b6393ab9062125841e90e8b64258181=5191644; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
uncs=1; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Wed, 25 Sep 2024 15:35:07 GMT; path=/; secure; SameSite=None
Host: lookebonyhill.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 73bc8812a4811aac2709bee97366f9d6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET obtaintrout.com/watch.815080856709.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=49e437054bd349b6e185af83331491ba536048f1fb50f3f56b86ef94304476a90494659d275c7e95c5e019fe0628439d784110f1a795a54de738f3309332e7ce15ed464a7b53317c2461ab714f11c1c4714ec79f28f41e7f45c875&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1

172.240.108.84

200 OK

2.1 kB

URL GET HTTP/1.1
obtaintrout.com/watch.815080856709.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=49e437054bd349b6e185af83331491ba536048f1fb50f3f56b86ef94304476a90494659d275c7e95c5e019fe0628439d784110f1a795a54de738f3309332e7ce15ed464a7b53317c2461ab714f11c1c4714ec79f28f41e7f45c875&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectobtaintrout.com
Fingerprint7F:96:95:14:A5:D4:8F:37:DD:C6:1F:C0:FF:7C:EE:6A:A6:93:DA:D4
ValidityMon, 12 Aug 2024 09:57:29 GMT - Sun, 10 Nov 2024 09:57:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2523)
Size
2.1 kB (2051 bytes)
Hash
8043adb2a0e9ee1039ce4d37e50d4669
a256f4d80fb21ec97d093891dcdd664a530f4ed9
7dfd9d252bfde04a2abb77c014a645c6b30c2bf0811718da471f3de32d019f2c

HTTP Headers

GET /watch.815080856709.js?dev=e&key=c778e5bd7ce6d388d13402003c87d827&kw=%5B%22library%22%2C%22genesis%22%5D&pst=1727192167&refer=https%3A%2F%2Flibgen.li%2Fadsf127e406ce326b7529d6c39fab14b302KUHU2X6E&res=14.2071&rmtc=t&shu=49e437054bd349b6e185af83331491ba536048f1fb50f3f56b86ef94304476a90494659d275c7e95c5e019fe0628439d784110f1a795a54de738f3309332e7ce15ed464a7b53317c2461ab714f11c1c4714ec79f28f41e7f45c875&tz=0&uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1 HTTP/1.1
Host: obtaintrout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
Referer: https://libgen.li/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18184052; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE4NDA1MiwiayI6ImM3NzhlNWJkN2NlNmQzODhkMTM0MDIwMDNjODdkODI3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTY5NzE1LCJwaWQiOjk1MjcyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE3LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5NnFwZGk3YzgiLCJjcGtzIjp7IjI4IjoiMmU0ODAzODUzNjMyMTgxNjQxZDI3MjI4NWY2NWZiMGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbGliZ2VuLmxpL2Fkc2YxMjdlNDA2Y2UzMjZiNzUyOWQ2YzM5ZmFiMTRiMzAyS1VIVTJYNkUiLCJhciI6W119fQ.hJcUJbdQ6M8GHmJGGU7usLOYEbqFwOL5l9AsKy6s9TE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://libgen.li
Access-Control-Allow-Origin: https://libgen.li
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=66934a27-8689-4a8d-98df-ef7f5420a4c9:1:1; expires=Tue, 01 Oct 2024 15:35:08 GMT; path=/; secure; SameSite=None
iprc73eedd91e124091ec8280923c58016a4=5260138; expires=Wed, 25 Sep 2024 15:35:08 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Wed, 25 Sep 2024 15:35:08 GMT; path=/; secure; SameSite=None
uncs=1; expires=Wed, 25 Sep 2024 15:35:08 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Wed, 25 Sep 2024 15:35:08 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Wed, 25 Sep 2024 15:35:08 GMT; path=/; secure; SameSite=None
Host: obtaintrout.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 77e4132b26d5178b69ebad5662dc72cd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET cdn.storageimagedisplay.com/cti/4a/1e/d8/4a1ed8e2ff519fa6a8bd0e90ddda6b11/1711621664.jpg

45.133.44.1

200 OK

69 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/4a/1e/d8/4a1ed8e2ff519fa6a8bd0e90ddda6b11/1711621664.jpg
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint35:34:7E:96:D3:74:A9:D9:1F:BE:9D:7C:A7:EF:B0:88:78:CB:82:36
ValidityFri, 13 Sep 2024 11:57:48 GMT - Thu, 12 Dec 2024 11:57:47 GMT

File type
JPEG image data, baseline, precision 8, 728x90, components 3
Size
69 kB (69331 bytes)
Hash
e14b730e0a2658ed28a3ce670a105a99
d989b38da47a03474882cc6e6175e436c044c134
e64c3eb5c5c59878141b805e025623cb0dd4d0f43cc979b1aedd79f7e7dc5507

HTTP Headers

GET /cti/4a/1e/d8/4a1ed8e2ff519fa6a8bd0e90ddda6b11/1711621664.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:08 GMT
content-type: image/jpeg
content-length: 69331
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:27:52 GMT
etag: "66054628-10ed3"
expires: Thu, 26 Sep 2024 15:35:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/a5/dc/5b/a5dc5b75c729bc8d31074bb3dfac2309/1716313429.gif

45.133.44.1

200 OK

357 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/a5/dc/5b/a5dc5b75c729bc8d31074bb3dfac2309/1716313429.gif
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint35:34:7E:96:D3:74:A9:D9:1F:BE:9D:7C:A7:EF:B0:88:78:CB:82:36
ValidityFri, 13 Sep 2024 11:57:48 GMT - Thu, 12 Dec 2024 11:57:47 GMT

File type
GIF image data, version 89a, 728 x 90
Size
357 kB (356907 bytes)
Hash
77b7fb2a38f6127956fc22c27b690567
c389a6ff1712833c21acbde177a77d10a32ab82e
fb9692cbf1585eaf29e61af6ad81a7b788c277bf2eac41cd8a8ba50a105638cb

HTTP Headers

GET /cti/a5/dc/5b/a5dc5b75c729bc8d31074bb3dfac2309/1716313429.gif HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:08 GMT
content-type: image/gif
content-length: 356907
server: nginx/1.21.6
last-modified: Tue, 21 May 2024 17:43:58 GMT
etag: "664cdd5e-5722b"
expires: Thu, 26 Sep 2024 15:35:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET libgen.li/js/dark-mode-switch.js

104.21.57.230

200 OK

264 kB

URL GET HTTP/2
libgen.li/js/dark-mode-switch.js
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
ASCII text
Size
264 kB (263860 bytes)
Hash
9ca505b605f0247bb2db2e8ba898ac2a
576412cb53709781f9be65f9b3b08d9d51494a75
2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b

HTTP Headers

GET /js/dark-mode-switch.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: application/javascript
last-modified: Sat, 22 May 2021 16:34:13 GMT
etag: W/"60a93285-b75"
expires: Sun, 29 Sep 2024 05:42:54 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 208332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDUMiJ%2B1eNd3v0VFgTgshhB0WCRX8NsHmXtj1loS%2FVLJLDTQdXO7xr2cZMZwnD3XNwWmjXQaymH7p2ETlhzlWBzUIj%2Bw9XzhMzKsHHm1Z3TncaSoFln4TeFWUHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7a8fb0866b4-AMS
content-encoding: br
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7cfe12bcdde8deab1497626d339937f8
01e66dcda8dc640ed1b7307a6ae9abb68e849127
c9caf66ddb32a836cc5db1dd21e8205bac8259b414af2fab651dfd84a2288ef6

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C9CAF66DDB32A836CC5DB1DD21E8205BAC8259B414AF2FAB651DFD84A2288EF6"
Last-Modified: Sun, 22 Sep 2024 17:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2492
Expires: Tue, 24 Sep 2024 16:16:40 GMT
Date: Tue, 24 Sep 2024 15:35:08 GMT
Connection: keep-alive

GET unseenreport.com/pxf.gif?uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e0076952392f58c5dd9db43debf2f780&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e0076952392f58c5dd9db43debf2f780&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintF0:98:AC:22:06:CC:50:D7:62:08:A2:F7:67:3A:D3:8D:DA:4B:FE:E6
ValidityThu, 19 Sep 2024 04:18:43 GMT - Wed, 18 Dec 2024 04:18:42 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=66934a27-8689-4a8d-98df-ef7f5420a4c9&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=e0076952392f58c5dd9db43debf2f780&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Sep 2024 15:35:08 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 88703fe78d310cdffef03653465f7f33
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET recordedthereby.com/sfp.js

104.21.91.24

200 OK

85 kB

URL GET HTTP/2
recordedthereby.com/sfp.js
IP
104.21.91.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectrecordedthereby.com
Fingerprint76:BA:7B:D2:DF:8D:D1:44:66:52:F9:0D:A1:78:12:89:6C:3F:0F:03
ValidityTue, 03 Sep 2024 16:10:32 GMT - Mon, 02 Dec 2024 16:10:31 GMT

File type

Size
85 kB (85378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, max-age=0, private, no-cache
x-request-id: f1001cc6b8eacabbc813d56f3dd8dbfe
pragma: no-cache
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmHrQMgJ83cQadw%2BoAKskiHHsPaGB8S2kr7mcYIO9LR6wjlD%2BOzq2P5s7WS%2F3Tl50GbZIy8aSMOkCbevshTb6nSMvmJPuuyyAjaBCMzFCDcTGY6u00pdO5l%2BFvDsGZkPufC6Greu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7ad3d6518bf-FRA
content-encoding: br
X-Firefox-Spdy: h2

GET libgen.li/img/favicon.ico

104.21.57.230

200 OK

2.2 kB

URL GET HTTP/2
libgen.li/img/favicon.ico
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel
Size
2.2 kB (2238 bytes)
Hash
1aae1c5c5b27e6d63ba2e0a8d596760e
2a8294e38dfc9474d869e05d2a9a42dcccfe3066
d3910a9bd312389bd76df879ad74c7c5f596b1056f1d86d537b6451738c61390

HTTP Headers

GET /img/favicon.ico HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Cookie: _ga_K76L8NRWEJ=GS1.1.1727192106.1.0.1727192106.0.0.0; _ga=GA1.1.944064816.1727192107; dom3ic8zudi28v8lr6fgphwffqoz0j6c=66934a27-8689-4a8d-98df-ef7f5420a4c9%3A1%3A1; pp_main_e0076952392f58c5dd9db43debf2f780=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:08 GMT
content-type: image/x-icon
last-modified: Mon, 13 May 2013 20:56:22 GMT
etag: W/"51915376-8be"
expires: Sun, 29 Sep 2024 05:44:13 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 208254
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=awYA4hPZgG8noh5U8VOlOCxibJW7TMBAs0HzGsGxtTOc03J8AzZf00n2u9obTJplWVL0mX6A4JKhuEVygiDvu435J0JqHtlDipTITme9WamKhoH0uE96pKxDYBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7b44de366b4-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET libgen.li/js/form-validation.js

104.21.57.230

200 OK

686 B

URL GET HTTP/2
libgen.li/js/form-validation.js
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
JavaScript source, ASCII text, with very long lines (707), with no line terminators
Size
686 B (686 bytes)
Hash
9b49fb891557236d80c4823d110ee45b
3cfdb12d1dc761ca69c01f5387795358b20ba6ff
3d4aa7a6338cdd568ef532bcb206dbaadd1c060cdf3873819b7f8fe242bf804c

HTTP Headers

GET /js/form-validation.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: application/javascript
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
etag: W/"5f859e98-2ae"
expires: Sun, 29 Sep 2024 05:42:54 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 208332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMW1yPjxDw3kDkx4ATA0cp3IJ%2BaY7ACLbTevoGnHbvbXmrCEaz9pQNvKF5V6AmPDRovHAyGCj6aWEcVZ6Tujk9i8WGLfYsAHIrbmiCkYy5sDHyW58T0JNM0T8XA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7a90b2366b4-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.57.230

200 OK

1.2 kB

URL GET HTTP/2
libgen.li/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 09:32:12 GMT
etag: W/"66e7fb1c-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gui7zL1SIo3YtCikjYs%2Bg0ZCp9QcyvNZ%2Fznt1OMDo6Reo9e0dxgjxRbde6o3C9A%2FVVSzgJc9EcxmdBF3Z5A%2FLiP0I9c65iARR0jz998HZKJOv3x2iOvZV1slN28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8c83d7a90b0f66b4-AMS
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 15:35:06 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

52.29.233.155

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.233.155:443
ASN
#16509 AMAZON-02

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3ff2590f7a944aa6e01b24cbdc376751
d88c032c401cea775c89af053a2104d18c4d9bff
ec4d61aa5fad3bf1a39e6471f8cf50dd9b901bd40e3702c8e82684efd3af342f

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://libgen.li
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://libgen.li
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=66934a27-8689-4a8d-98df-ef7f5420a4c9:1:1; expires=Fri, 22 Sep 2034 15:35:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E

104.21.57.230

200 OK

22 kB

URL User Request GET HTTP/2
libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type

Size
22 kB (21948 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adsf127e406ce326b7529d6c39fab14b302KUHU2X6E HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wbb2lr9DHuKY94phbEikRMczijPaot091WkKotU8Kxm15DYM2paz6aQzYI%2FbHJ1Rl%2FmIfx1V2xfAimo5YvHqF0dvDjxZwVQSINBSxfo7uNHwSaBClW1uDBQMHfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83d7a5ed1d66b4-AMS
content-encoding: br
X-Firefox-Spdy: h2

GET libgen.li/css/dark-mode.css

104.21.57.230

200 OK

294 B

URL GET HTTP/2
libgen.li/css/dark-mode.css
IP
104.21.57.230:443
ASN
#13335 CLOUDFLARENET

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerGoogle Trust Services
Subjectlibgen.li
Fingerprint3F:41:D0:04:FB:CD:12:81:7F:2B:59:88:9A:F1:32:55:55:3F:F4:29
ValidityTue, 13 Aug 2024 05:20:41 GMT - Mon, 11 Nov 2024 05:20:40 GMT

File type
ASCII text, with very long lines (317), with no line terminators
Size
294 B (294 bytes)
Hash
1c1af0f4bf3bdaa05726881649515049
5dc233007aae45b454ceebec6f3942661c8ac9e2
f2b85b046b54109e6b22d294dc69fd2fd27de303ac882a37660e2bf42e8e9fb9

HTTP Headers

GET /css/dark-mode.css HTTP/1.1
Host: libgen.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:06 GMT
content-type: text/css
last-modified: Thu, 29 Apr 2021 06:48:36 GMT
vary: Accept-Encoding
etag: W/"608a56c4-126"
expires: Sun, 29 Sep 2024 05:42:53 GMT
cache-control: max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 208333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKRdJQZ%2F0PuFTHMLGV%2BGZnERCHFtY6c2koVqESTq3huBJT%2BQ7CikN8pzpCh9Eu%2FS7oOY8BZZTc8p%2B51XBN7uCBS%2F5s%2FRgZyzbgZEj3u96zYlzBpAzDIzHjcOczI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8c83d7a8faf466b4-AMS
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/d8/e6/0c/d8e60ca3941a06eb21874c213b2cd8e6/1716313389.gif

45.133.44.1

200 OK

263 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/d8/e6/0c/d8e60ca3941a06eb21874c213b2cd8e6/1716313389.gif
IP
45.133.44.1:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://libgen.li/adsf127e406ce326b7529d6c39fab14b302KUHU2X6E
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
Fingerprint35:34:7E:96:D3:74:A9:D9:1F:BE:9D:7C:A7:EF:B0:88:78:CB:82:36
ValidityFri, 13 Sep 2024 11:57:48 GMT - Thu, 12 Dec 2024 11:57:47 GMT

File type
GIF image data, version 89a, 728 x 90
Size
263 kB (263110 bytes)
Hash
6ce4a4203b237535758ba6f50035e6fc
13c649f7721244ca0d9c544135732d07bb333f4c
7eb366c052562a431a9db71e7239348fbca887586223a3fe2cae0644727e263a

HTTP Headers

GET /cti/d8/e6/0c/d8e60ca3941a06eb21874c213b2cd8e6/1716313389.gif HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Sep 2024 15:35:08 GMT
content-type: image/gif
content-length: 263110
server: nginx/1.21.6
last-modified: Tue, 21 May 2024 17:43:18 GMT
etag: "664cdd36-403c6"
expires: Thu, 26 Sep 2024 15:35:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash