Submitted URL: http://booksdl.org/foreignfiction/get.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Effective URL: http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Submission: On January 22 via manual from IL

Summary

This website contacted 10 IPs in 6 countries across 13 domains to perform 26 HTTP transactions. The main IP is 111.90.145.73, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is libgen.gs.
This is the only time libgen.gs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 89.248.170.53 202425 (INT-NETWORK)
1 1 111.90.145.71 45839 (SHINJIRU-...)
4 111.90.145.73 45839 (SHINJIRU-...)
1 2 193.218.118.42 207656 (EPINATURA)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 139.45.195.82 9002 (RETN-AS)
5 139.45.196.72 9002 (RETN-AS)
5 139.45.196.30 9002 (RETN-AS)
1 139.45.196.14 9002 (RETN-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 139.45.195.254 9002 (RETN-AS)
26 10
# | Domain | Requested by
5 | www.google.com |
5 | toglooman.com | iclickcdn.com, toglooman.com
5 | inpagepush.com | iclickcdn.com, inpagepush.com
4 | libgen.gs | libgen.gs
2 | o.wowreality.info | static.lalaping.com
2 | booksdl.org | 2 redirects
1 | static.lalaping.com | toglooman.com
1 | onmarshtompor.com | iclickcdn.com
1 | bedrapiona.com | iclickcdn.com
1 | iclickcdn.com | libgen.gs
1 | libgen.rs | libgen.gs
1 | gen.lib.rus.ec | 1 redirects
1 | libgen.lc | 1 redirects
26 13

This site contains links to these domains.

Domain
111.90.145.72
www.worldcat.org
www.goodreads.com
www.abebooks.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-11-12 - 2021-11-11 | a year
bedrapiona.com | R3 | 2020-12-07 - 2021-03-07 | 3 months
inpagepush.com | Let's Encrypt Authority X3 | 2020-11-11 - 2021-02-09 | 3 months
toglooman.com | R3 | 2020-12-15 - 2021-03-15 | 3 months

This page contains 2 frames:

Primary Page: http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Frame ID: E05F562BE940A7B3615CA05047824FF6
Requests: 21 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php
Frame ID: 9AC9A358682A0ADB06867A567D0E98F9
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://booksdl.org/foreignfiction/get.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN... HTTP 307
    http://booksdl.org/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN... HTTP 307
    http://libgen.lc/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN... HTTP 307
    http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

26
Requests

35 %
HTTPS

25 %
IPv6

13
Domains

13
Subdomains

10
IPs

6
Countries

287 kB
Transfer

759 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://booksdl.org/foreignfiction/get.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M HTTP 307
    http://booksdl.org/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M HTTP 307
    http://libgen.lc/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M HTTP 307
    http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://gen.lib.rus.ec/fictioncovers/2292000/f5ba59cd3f3e54c31ad9ab96ab56d33f-g.jpg HTTP 301
  • http://libgen.rs/fictioncovers/2292000/f5ba59cd3f3e54c31ad9ab96ab56d33f-g.jpg

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ads.php
libgen.gs/foreignfiction/
Redirect Chain
  • http://booksdl.org/foreignfiction/get.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
  • http://booksdl.org/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
  • http://libgen.lc/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
  • http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
3 KB
2 KB
Document
General
Full URL
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Protocol
HTTP/1.1
Server
111.90.145.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
zd5t.volum-tds.com
Software
nginx /
Resource Hash
56ed38a16640247aee48259455b78d8d2c73c307daa785012bf9ca0f6afed8e8

Request headers

Host
libgen.gs
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 22 Jan 2021 11:20:26 GMT
Content-Type
text/html
Content-Length
1678
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 22 Jan 2021 11:20:25 GMT
Content-Type
text/html
Content-Length
164
Connection
keep-alive
Location
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
menu.css
libgen.gs/
11 KB
3 KB
Stylesheet
General
Full URL
http://libgen.gs/menu.css
Requested by
Host: libgen.gs
URL: http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Protocol
HTTP/1.1
Server
111.90.145.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
zd5t.volum-tds.com
Software
nginx /
Resource Hash
a4ccb2e7f91a01dcc8f0e18915efa583e84858db6975a3123d7ebd4a2bed63e3

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:20:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Dec 2019 18:48:16 GMT
Server
nginx
ETag
"20e00000002f78b-2cda-59b04672ffe88"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2455
clipboard.min.js
libgen.gs/
10 KB
4 KB
Script
General
Full URL
http://libgen.gs/clipboard.min.js
Requested by
Host: libgen.gs
URL: http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Protocol
HTTP/1.1
Server
111.90.145.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
zd5t.volum-tds.com
Software
nginx /
Resource Hash
7a53791e4fa066ae10a40b55d93931975a840e53298b52657b05112936273fb5

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:20:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 May 2016 19:20:57 GMT
Server
nginx
ETag
"24f0000000066b9e-2710-532aa0ecef6e7"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3287
jquery.min.js
libgen.gs/
87 KB
30 KB
Script
General
Full URL
http://libgen.gs/jquery.min.js
Requested by
Host: libgen.gs
URL: http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Protocol
HTTP/1.1
Server
111.90.145.73 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
zd5t.volum-tds.com
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:20:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jul 2020 20:43:31 GMT
Server
nginx
ETag
"2a500000009ca30-15d84-5a9e00b55b325"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30910
f5ba59cd3f3e54c31ad9ab96ab56d33f-g.jpg
libgen.rs/fictioncovers/2292000/
Redirect Chain
  • http://gen.lib.rus.ec/fictioncovers/2292000/f5ba59cd3f3e54c31ad9ab96ab56d33f-g.jpg
  • http://libgen.rs/fictioncovers/2292000/f5ba59cd3f3e54c31ad9ab96ab56d33f-g.jpg
0
0
Image
General
Full URL
http://libgen.rs/fictioncovers/2292000/f5ba59cd3f3e54c31ad9ab96ab56d33f-g.jpg
Requested by
Host: libgen.gs
URL: http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Protocol
HTTP/1.1
Server
193.218.118.42 -, , ASN207656 (EPINATURA, UA),
Reverse DNS
42.118.218.193.urdn.com.ua
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
http://libgen.rs/fictioncovers/2292000/f5ba59cd3f3e54c31ad9ab96ab56d33f-g.jpg
Date
Fri, 22 Jan 2021 11:19:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
tag.min.js
iclickcdn.com/
81 KB
23 KB
Script
General
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: libgen.gs
URL: http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 11:19:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
41226
access-control-allow-methods
GET, POST, OPTIONS
cf-request-id
07cb6b57ba00003248919a5000000001
x-trace-id
fca3e8395baf1f17aa9cddb96fa5fc2c
pragma
no-cache
last-modified
Thu, 21 Jan 2021 10:52:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J7zxhQFPxt0i00KbsxQvRhHuL0c%2Fio5bxls3prg2m58bBWVA%2FplbOi6Q3H9aY%2BOgMBJSBZNqg4Xdw0W0T8u8Cc12PxGCRwWRx1egCxm9u6QrPz10GYOdQC65"}],"group":"cf-nel"}
content-type
application/javascript
access-control-allow-origin
https://aflampro.com
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
6158e19f8aa93248-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Fri, 22 Jan 2021 23:52:34 GMT
/
bedrapiona.com/5/2651327/
3 KB
2 KB
XHR
General
Full URL
https://bedrapiona.com/5/2651327/?oo=1
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.82 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
45e720317fe652351b0cf714138b55f67e4d8a9a2d7886ebc1200bf7125e4e0a

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
61fc7444ec0e22da76ee38c856428b86
Pragma
no-cache, no-cache
Date
Fri, 22 Jan 2021 11:19:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://libgen.gs
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
3710680
inpagepush.com/400/
78 KB
28 KB
Script
General
Full URL
https://inpagepush.com/400/3710680
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e8b28e663b306cf021e9023e8c25f201b07e5b4299e856116a059bef38729060
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
e394f227d0412d544167c1cab977cb4c
Pragma
no-cache
Date
Fri, 22 Jan 2021 11:19:41 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/javascript
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
Expires
Wed, 31 Dec 1969 19:00:00 EST
1
toglooman.com/
7 KB
4 KB
Script
General
Full URL
https://toglooman.com/1?z=2681949
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8045891291c493f2e2ac180d98e101c54568ab2e74389ad33431a732c74ac133

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Jan 2021 11:19:41 GMT
Content-Encoding
gzip
X-Sc
4ico7C6XctLFpq9Pni3_SVo4gPzqkDkYtlfRfKAVP8CDhXMPAO5VUEzVXZ5xIrwh6rW_GkitUU7DR_EVBl6pIyJ4Zz4=
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fac.php
onmarshtompor.com/ Frame 9AC9
0
0
Document
General
Full URL
http://onmarshtompor.com/fac.php
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Server
139.45.196.14 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
onmarshtompor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Fri, 22 Jan 2021 11:19:41 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
X-Trace-Id
7160180dddb6e7ecb2bbab9fc79c7988
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
125732e2cacd97136364008a6cd2b63a
toglooman.com/27/
361 KB
119 KB
Script
General
Full URL
http://toglooman.com/27/125732e2cacd97136364008a6cd2b63a
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=2681949
Protocol
HTTP/1.1
Server
139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7f3e70910f6ae901920194016db3577bc1fc620ee21697baa01478885eaee317
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:19:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 21 Jan 2021 05:18:12 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
max-age:290304000, public
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Thu, 20 Feb 2081 05:18:12 GMT
38
toglooman.com/42/
0
903 B
Script
General
Full URL
http://toglooman.com/42/38?z=2892786
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=2681949
Protocol
HTTP/1.1
Server
139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Sc
JWvOkcHi-i-zrGQVrXT3iOJ-yRMnv662Es-coRBxKLiDFNG5ZIOl3r0YRnuwJhzvMJNRbAzNmjDuk6TmbiKTr3DSDHA=
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
9
toglooman.com/ Frame
0
0
Other
General
Full URL
http://toglooman.com/9?z=2892786&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Flibgen.gs%2Fforeignfiction%2Fads.php%3Fmd5%3DF5BA59CD3F3E54C31AD9AB96AB56D33F%26key%3DJYU6YEUP2XMN318M&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Protocol
HTTP/1.1
Server
139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://libgen.gs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 22 Jan 2021 11:19:41 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://libgen.gs
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
online.js
static.lalaping.com/
84 KB
33 KB
Script
General
Full URL
https://static.lalaping.com/online.js?ver=2.0.0
Requested by
Host: toglooman.com
URL: http://toglooman.com/27/125732e2cacd97136364008a6cd2b63a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 11:19:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Nov 2020 17:10:39 GMT
server
cloudflare
age
6233
etag
W/"5fbbed0f-14f3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=om659ITkfvNKWFkFsI21vCr%2Fuv4lU4zLValcSeqKtSsnQZiUypNRZQYFVBYDPoJo7uyaKrWCtw0DoisiLle1J9gKrj3ZVTEJSF8Wi5LgKQoUZ4XtusGkyq6xNWxVqSDO"}]}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6158e1a4e9f14a6e-FRA
cf-request-id
07cb6b5b1100004a6e2c000000000001
9
toglooman.com/
0
946 B
XHR
General
Full URL
http://toglooman.com/9?z=2892786&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Flibgen.gs%2Fforeignfiction%2Fads.php%3Fmd5%3DF5BA59CD3F3E54C31AD9AB96AB56D33F%26key%3DJYU6YEUP2XMN318M&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Requested by
Host: toglooman.com
URL: http://toglooman.com/27/125732e2cacd97136364008a6cd2b63a
Protocol
HTTP/1.1
Server
139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Sc
Ypi_2Nrd4WxhhXAPzATcLuJHpmNC4t6SZ4osheqwoQi-Pwd9Xc1XZvJ2xupubrPyzToAnqZmK7z7GztyqMcm44amRjI=
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
http://libgen.gs
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
3710680
inpagepush.com/500/
0
647 B
XHR
General
Full URL
https://inpagepush.com/500/3710680?excludes=&oaid=11f0d039083d4d67835809fe466d5622&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=http%3A%2F%2Flibgen.gs%2Fforeignfiction%2Fads.php%3Fmd5%3DF5BA59CD3F3E54C31AD9AB96AB56D33F%26key%3DJYU6YEUP2XMN318M&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: inpagepush.com
URL: https://inpagepush.com/400/3710680
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
e7cfaf22b0bc29fd6257208b57c0a930
Pragma
no-cache
Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Origin
http://libgen.gs
Access-Control-Expose-Headers
Link
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Vary
Origin
Expires
Wed, 31 Dec 1969 19:00:00 EST
3710680
inpagepush.com/500/ Frame
0
0
Other
General
Full URL
https://inpagepush.com/500/3710680?excludes=&oaid=11f0d039083d4d67835809fe466d5622&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=http%3A%2F%2Flibgen.gs%2Fforeignfiction%2Fads.php%3Fmd5%3DF5BA59CD3F3E54C31AD9AB96AB56D33F%26key%3DJYU6YEUP2XMN318M&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
HTTP/1.1
Server
139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://libgen.gs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 22 Jan 2021 11:19:41 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
http://libgen.gs
Access-Control-Max-Age
300
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/
5 KB
5 KB
Image
General
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
5087
X-XSS-Protection
0
Expires
Fri, 22 Jan 2021 11:19:41 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/
6 KB
6 KB
Image
General
Full URL
http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
5969
X-XSS-Protection
0
Expires
Fri, 22 Jan 2021 11:19:41 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/
13 KB
14 KB
Image
General
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
13504
X-XSS-Protection
0
Expires
Fri, 22 Jan 2021 11:19:41 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/
7 KB
7 KB
Image
General
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
7048
X-XSS-Protection
0
Expires
Fri, 22 Jan 2021 11:19:41 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/
4 KB
4 KB
Image
General
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 11:19:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
3934
X-XSS-Protection
0
Expires
Fri, 22 Jan 2021 11:19:41 GMT
add
o.wowreality.info/api/log/ Frame
0
0
Other
General
Full URL
http://o.wowreality.info/api/log/add
Protocol
HTTP/1.1
Server
139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://libgen.gs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 22 Jan 2021 11:19:42 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
http://libgen.gs
add
o.wowreality.info/api/log/
0
395 B
XHR
General
Full URL
http://o.wowreality.info/api/log/add
Requested by
Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol
HTTP/1.1
Server
139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

Date
Fri, 22 Jan 2021 11:19:43 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
http://libgen.gs
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length
0
3710680
inpagepush.com/500/
0
647 B
XHR
General
Full URL
https://inpagepush.com/500/3710680?excludes=&oaid=11f0d039083d4d67835809fe466d5622&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=http%3A%2F%2Flibgen.gs%2Fforeignfiction%2Fads.php%3Fmd5%3DF5BA59CD3F3E54C31AD9AB96AB56D33F%26key%3DJYU6YEUP2XMN318M&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: inpagepush.com
URL: https://inpagepush.com/400/3710680
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://libgen.gs/foreignfiction/ads.php?md5=F5BA59CD3F3E54C31AD9AB96AB56D33F&key=JYU6YEUP2XMN318M
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
2a6589b069d6b1fa8ab3fa6f80bfcdfe
Pragma
no-cache
Date
Fri, 22 Jan 2021 11:19:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Origin
http://libgen.gs
Access-Control-Expose-Headers
Link
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Vary
Origin
Expires
Wed, 31 Dec 1969 19:00:00 EST
3710680
inpagepush.com/500/ Frame
0
0
Other
General
Full URL
https://inpagepush.com/500/3710680?excludes=&oaid=11f0d039083d4d67835809fe466d5622&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=http%3A%2F%2Flibgen.gs%2Fforeignfiction%2Fads.php%3Fmd5%3DF5BA59CD3F3E54C31AD9AB96AB56D33F%26key%3DJYU6YEUP2XMN318M&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
HTTP/1.1
Server
139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://libgen.gs
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 22 Jan 2021 11:19:56 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
http://libgen.gs
Access-Control-Max-Age
300
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
function| Clipboard
function| $
function| jQuery
function| onClickTrigger
object| edum9krw0yd
object| zfgformats
boolean| zfgloadedpopup
boolean| zfgloadednative
boolean| _retranberw
object| webpushlogs
object| regeneratorRuntime
function| _retranber
number| wm
string| oaid
object| _0x2efe
function| _0x2200

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
