| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash d070dea5a1c30c330443d09132734e63 3ca8c0f7cd2afd3a26da8bbe3f8a47c5995294f4 4868faf0cf6c4f9bd0d7db49dcde0b7358890c362d5281a233ab666a702e1741
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4868FAF0CF6C4F9BD0D7DB49DCDE0B7358890C362D5281A233AB666A702E1741"
Last-Modified: Sat, 28 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3475
Expires: Sat, 28 Sep 2024 23:45:15 GMT
Date: Sat, 28 Sep 2024 22:47:20 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 50ec2f197e1e9012dfac7b80e5565a44 7cb355942a7be5e49dfdfa0cc6d799118039a724 0b39af17a3de80db30bbd66bcc0bb8af598c5d63c6365cc90b60a4a879b953ea
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B39AF17A3DE80DB30BBD66BCC0BB8AF598C5D63C6365CC90B60A4A879B953EA"
Last-Modified: Sat, 28 Sep 2024 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3470
Expires: Sat, 28 Sep 2024 23:45:10 GMT
Date: Sat, 28 Sep 2024 22:47:20 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 7a008f7018d5b98d787afdc07ddf2066 88ae935b7f05301000668ad6fb1d83f6a86e82b4 d98004d3571e1a51d26420f00a34d03ba467da831291574a99d2a920aabc60de
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D98004D3571E1A51D26420F00A34D03BA467DA831291574A99D2A920AABC60DE"
Last-Modified: Fri, 27 Sep 2024 14:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11687
Expires: Sun, 29 Sep 2024 02:02:07 GMT
Date: Sat, 28 Sep 2024 22:47:20 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash 667516c0af05a6454902b00dc2899997 ee061865ace4f50cb903dc4f70aa535c6ef29ba1 4dc8d5735d88454e4817e15c35c32e809db81ce87fc16809f50bfda640372948
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4DC8D5735D88454E4817E15C35C32E809DB81CE87FC16809F50BFDA640372948"
Last-Modified: Sat, 28 Sep 2024 16:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8705
Expires: Sun, 29 Sep 2024 01:12:26 GMT
Date: Sat, 28 Sep 2024 22:47:21 GMT
Connection: keep-alive
|
|
| GET gen.lib.rus.ec/book/index.php?md5=B77B148D05A88BEE67D40A6E085CECB7 | 104.21.96.105 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/1.1 gen.lib.rus.ec/book/index.php?md5=B77B148D05A88BEE67D40A6E085CECB7 IP 104.21.96.105:80
File type HTML document, ASCII text, with CRLF line terminators Hash 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /book/index.php?md5=B77B148D05A88BEE67D40A6E085CECB7 HTTP/1.1
Host: gen.lib.rus.ec
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Sep 2024 22:47:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://libgen.rs/book/index.php?md5=B77B148D05A88BEE67D40A6E085CECB7
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmtiyZh07SDUL9GuVFxZE6TmPMkCwP2xKKx49so2qlzOsYMywN0RVapp20h%2F5yEBN7l6O81LfmBDKGsp0DOYs1PVO46I2SswjYgeWJ%2FeeFYEl4aLl47uRKVAOigujb4pmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Speculation-Rules: "/cdn-cgi/speculation"
Server: cloudflare
CF-RAY: 8ca74653d99a1c0e-OSL
alt-svc: h2=":443"; ma=60
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash 9892580ecf39772c685d680d6f4e6928 9699605a2728f7b2fda4499c7d3ad4d36fe984d7 3b998c5d32c9977245c70fefe2914d7c202567a1663bd8c79451f17df99c89d1
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3B998C5D32C9977245C70FEFE2914D7C202567A1663BD8C79451F17DF99C89D1"
Last-Modified: Sat, 28 Sep 2024 12:08:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11413
Expires: Sun, 29 Sep 2024 01:57:35 GMT
Date: Sat, 28 Sep 2024 22:47:22 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash 9892580ecf39772c685d680d6f4e6928 9699605a2728f7b2fda4499c7d3ad4d36fe984d7 3b998c5d32c9977245c70fefe2914d7c202567a1663bd8c79451f17df99c89d1
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3B998C5D32C9977245C70FEFE2914D7C202567A1663BD8C79451F17DF99C89D1"
Last-Modified: Sat, 28 Sep 2024 12:08:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11413
Expires: Sun, 29 Sep 2024 01:57:35 GMT
Date: Sat, 28 Sep 2024 22:47:22 GMT
Connection: keep-alive
|
|
| GET libgen.rs/book/index.php?md5=B77B148D05A88BEE67D40A6E085CECB7 | 0.0.0.0 | | 0 B |
URL User Request GET libgen.rs/book/index.php?md5=B77B148D05A88BEE67D40A6E085CECB7 IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /book/index.php?md5=B77B148D05A88BEE67D40A6E085CECB7 HTTP/1.1
Host: libgen.rs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|