urlscan.io logo urlscan.io
SecurityTrails logo

libgen.pw Open in urlscan Pro
2606:4700:30::6818:7d49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://libgen.pw/
Effective URL: https://libgen.pw/
Submission: On November 30 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2606:4700:30::6818:7d49, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is libgen.pw.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 3rd 2019. Valid for: a year.
This is the only time libgen.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2606:4700:30:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2.21.38.79 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 173.0.82.77 17012 (PAYPAL)
29 8
16    2606:4700:30::6818:7d49 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
libgen.pw
3    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
adservice.google.de
1    2.21.38.79 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-38-79.deploy.static.akamaitechnologies.com
www.paypal.com
2    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
www.googletagservices.com
2    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    173.0.82.77 (United States)

ASN17012 (PAYPAL - PayPal, Inc., US)
www.sandbox.paypal.com
Domain Requested by
16 libgen.pw 1 redirects libgen.pw
pagead2.googlesyndication.com
3 www.sandbox.paypal.com www.paypal.com
2 www.google-analytics.com libgen.pw
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 pagead2.googlesyndication.com libgen.pw
pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.paypal.com libgen.pw
0 tracking.qa.paypal.com Failed libgen.pw
29 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-09-03 -
2020-09-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2019-09-10 -
2020-08-18		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.sandbox.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2019-02-14 -
2021-02-18		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://libgen.pw/
Frame ID: 5250C252CCB58BC840E290FF7AD56925
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Frame ID: A7D24A86033BB64059145F10C8C7974B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1575090732&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Flibgen.pw%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1575090732767&bpp=45&bdt=49&fdt=158&idt=158&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4723938729129&frm=20&pv=2&ga_vid=371400052.1575090733&ga_sid=1575090733&ga_hid=134845292&ga_fc=0&iag=0&icsg=42602495&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011&oid=3&pvsid=1091564279575971&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169
Frame ID: 75AAA911F2173B2F0DCEEF280CE2DE9B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://libgen.pw/ HTTP 301
    https://libgen.pw/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-v(?:ue)-/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

29
Requests

97 %
HTTPS

71 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

557 kB
Transfer

1635 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://libgen.pw/ HTTP 301
    https://libgen.pw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
libgen.pw/
Redirect Chain
  • http://libgen.pw/
  • https://libgen.pw/
44 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
34d4ca39aaedcfd7b3f042efb6e79ecc7061c2e84af7c15ba7e73e9bf4aa9043

Request headers

:method
GET
:authority
libgen.pw
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

status
200
date
Sat, 30 Nov 2019 05:12:12 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d8a4dde8274e747e4eed6432dc97546981575090732; expires=Mon, 30-Dec-19 05:12:12 GMT; path=/; domain=.libgen.pw; HttpOnly; Secure
x-powered-by
Express
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53da5336f8abcbb0-VIE
content-encoding
br

Redirect headers

Date
Sat, 30 Nov 2019 05:12:12 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 30 Nov 2019 06:12:12 GMT
Location
https://libgen.pw/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
53da5336bda15a00-VIE
11bf02b94500c7a70cd7.js
libgen.pw/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/11bf02b94500c7a70cd7.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d3d327633e6eadcd18f2aa8a5648033ebeefe3ac30de5cdcd143b0e21a88ba66

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:28:22 GMT
server
cloudflare
age
656493
x-powered-by
Express
etag
W/"c92-16e93838b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
53da53378966cbb0-VIE
74b843aad8b74e306b0c.js
libgen.pw/_nuxt/ 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/74b843aad8b74e306b0c.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d4cbcec5ea03133d08c1a2ab9f4a881e30b95fbce4ec15d3eb5ee537774790df

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:28:22 GMT
server
cloudflare
age
656493
x-powered-by
Express
etag
W/"2fd9f-16e93838b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
53da53378967cbb0-VIE
7f3d03dbcf48bf46b585.js
libgen.pw/_nuxt/ 		438 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/7f3d03dbcf48bf46b585.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
176c37ed6dd62c5e28b690400bb1337ca0342cdfb6cf2b7dc370c478e58d5fed

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:28:22 GMT
server
cloudflare
age
656493
x-powered-by
Express
etag
W/"6d8a0-16e93838b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
53da53378968cbb0-VIE
8fdf943fd03355761442.js
libgen.pw/_nuxt/ 		107 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/8fdf943fd03355761442.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
49adbcd18b491eb4007b224155a7211af59c7ea0d33e48e21608d28e2251f436

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:28:22 GMT
server
cloudflare
age
656493
x-powered-by
Express
etag
W/"1ad56-16e93838b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
53da5337896acbb0-VIE
d43bf326ca108e59693f.js
libgen.pw/_nuxt/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/d43bf326ca108e59693f.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9acb4377b91469f2339e2f4cf8f914553f1ac3712e996f03ae37a5f18bc1c1e5

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:28:22 GMT
server
cloudflare
age
655838
x-powered-by
Express
etag
W/"17ba-16e93838b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
53da5337896bcbb0-VIE
6e625b161c6cd1211947.js
libgen.pw/_nuxt/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/6e625b161c6cd1211947.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0dd57bf6b2974f691166176524af85e09febe7da2baa4140770bcbcbd8765365

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:28:22 GMT
server
cloudflare
age
655838
x-powered-by
Express
etag
W/"6e7b-16e93838b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
53da5337896ccbb0-VIE
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		103 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f128586b7017fd051b211b07fa7ed4ef775c82ba9a715a05995b579737e79f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37553
x-xss-protection
0
server
cafe
etag
14757686636207476153
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 30 Nov 2019 05:12:12 GMT
js
www.paypal.com/sdk/ 		266 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=sb
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.21.38.79 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-38-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aafee9d4309e7610ea9f951b2c3a0a3b8e068f723c58dee447173f6645b5b1c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-TLnmcRN4yVGhtp0eobeJ9aw5sPosYX1iy29uJ8C86I3Ic3q9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TLnmcRN4yVGhtp0eobeJ9aw5sPosYX1iy29uJ8C86I3Ic3q9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-TLnmcRN4yVGhtp0eobeJ9aw5sPosYX1iy29uJ8C86I3Ic3q9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TLnmcRN4yVGhtp0eobeJ9aw5sPosYX1iy29uJ8C86I3Ic3q9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
p3p
true
status
200
paypal-debug-id
3dd15b8b945f
strict-transport-security
max-age=63072000
dc
ccg11-origin-www-1.paypal.com
content-length
84135
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Sat, 30 Nov 2019 05:12:12 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
must-revalidate, max-age=21600
etag
W/"148a7-S1BTQYTBiB26LCT2FoilgNBVv3Q"
expires
Sat, 30 Nov 2019 11:12:12 GMT
f17ac85.svg
libgen.pw/_nuxt/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://libgen.pw/_nuxt/img/f17ac85.svg
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
63cfd164bea0502c70f259f66bbbff8cdee3b5f553565ebfba40d5fb6ef719d3

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Sep 2019 14:20:52 GMT
server
cloudflare
age
5236066
x-powered-by
Express
etag
W/"1782-16d166615a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=31536000
cf-ray
53da5337896ecbb0-VIE
7e36118.svg
libgen.pw/_nuxt/img/ 		1 KB
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://libgen.pw/_nuxt/img/7e36118.svg
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
32edc88895d7a556a1992f115085e5c5060eacfb875c89a7e45a234bc0c461c6

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Sep 2019 14:20:52 GMT
server
cloudflare
age
5127828
x-powered-by
Express
etag
W/"5df-16d166615a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=31536000
cf-ray
53da5337c9d2cbb0-VIE
897b8f7.svg
libgen.pw/_nuxt/img/ 		2 KB
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://libgen.pw/_nuxt/img/897b8f7.svg
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e2739336e4f3f89bf62aa896a37bc0b6c8f0cbf0ef32467f61c6362bab3f798e

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Oct 2019 13:44:03 GMT
server
cloudflare
age
4546967
x-powered-by
Express
etag
W/"654-16dab9cccb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=31536000
cf-ray
53da5337d9f3cbb0-VIE
email-decode.min.js
libgen.pw/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
gzip
last-modified
Fri, 29 Nov 2019 12:27:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5de10ece-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
53da5337a993cbb0-VIE
expires
Mon, 02 Dec 2019 05:12:12 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=libgen.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=libgen.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/ 		240 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9abb9e299ab0f7c2c00c20f0d5858358ffa1e7a9f835bab1798c769ff3b22777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
90016
x-xss-protection
0
server
cafe
etag
16514268273887163252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Nov 2019 05:12:12 GMT
3cb46b3.woff
libgen.pw/_nuxt/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/fonts/3cb46b3.woff
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bc3e2af807f5dbfe08810fc2050080825050d3b60eaeffa67e82f42021d7023a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Referer
https://libgen.pw/
Origin
https://libgen.pw

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Oct 2019 16:11:05 GMT
server
cloudflare
age
249064
x-powered-by
Express
etag
W/"51b0-16def1615a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
53da53381a45cbb0-VIE
content-length
20912
a3d7d65.woff
libgen.pw/_nuxt/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/fonts/a3d7d65.woff
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
810a13a74ae783fb66c9bd9fcc492974769e11006b51a9c883eaf12e8c4b0494

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Referer
https://libgen.pw/
Origin
https://libgen.pw

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
cf-cache-status
HIT
last-modified
Mon, 09 Sep 2019 14:20:52 GMT
server
cloudflare
age
46130
x-powered-by
Express
etag
W/"51b8-16d166615a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
53da53381a4fcbb0-VIE
content-length
20920
d563ad8.woff
libgen.pw/_nuxt/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/fonts/d563ad8.woff
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
973e6285a41bbfe2a903aeb29d0b9b46c4cad722b33ca2a037abdc2f25bb9597

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Referer
https://libgen.pw/
Origin
https://libgen.pw

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
cf-cache-status
HIT
last-modified
Mon, 09 Sep 2019 14:20:52 GMT
server
cloudflare
age
2569726
x-powered-by
Express
etag
W/"509c-16d166615a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
53da53381a51cbb0-VIE
content-length
20636
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/ Frame A7D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191114/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://libgen.pw/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Referer
https://libgen.pw/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Nov 2019 08:19:49 GMT
expires
Wed, 04 Dec 2019 08:19:49 GMT
content-type
text/html; charset=UTF-8
etag
9688732929695215001
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6504
x-xss-protection
0
cache-control
public, max-age=1209600
age
852743
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ 		945 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c4a48db3cb198b7c81db78533ee91ffd20c7bee1bc775d529332023fd5882ea

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		330 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fefb0db67dfd6d436e59a1545fb5ac37a950456c69418d7817adbeaad6828a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/_nuxt/7f3d03dbcf48bf46b585.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2315
date
Sat, 30 Nov 2019 04:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sat, 30 Nov 2019 06:33:37 GMT
pptm.js
www.sandbox.paypal.com/tagmanager/ 		12 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/tagmanager/pptm.js?id=libgen.pw&t=xo&v=5.0.90&source=payments_sdk&client_id=AZDxjDScFpQtjWTOUtWKbyN_bDt4OgqaF4eYXlewfBP4-8aqX3PiV8e1GWU6liB2CUXlkA59kJXE7M6R
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=sb
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
173.0.82.77 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),
Reverse DNS
Software
/
Resource Hash
041a98247c27a2358afb6a17c539f0650a0766abe518e72f7735d5b2a8b9458d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PTdadsMZsjC4X8fWbg4ua2Fen4fNKlUZGhupwTAQmWX1OvoL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PTdadsMZsjC4X8fWbg4ua2Fen4fNKlUZGhupwTAQmWX1OvoL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content
X-Content-Type-Options
nosniff
Etag
W/"3155-BkyzCHrkM1PqGY62lidtrTVAhng"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=utf-8
Paypal-Debug-Id
6eebae6922b0c
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Date
Sat, 30 Nov 2019 05:12:13 GMT
Strict-Transport-Security
max-age=63072000
Content-Length
12629
X-Xss-Protection
1; mode=block
ads
googleads.g.doubleclick.net/pagead/ Frame 75AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1575090732&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Flibgen.pw%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1575090732767&bpp=45&bdt=49&fdt=158&idt=158&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4723938729129&frm=20&pv=2&ga_vid=371400052.1575090733&ga_sid=1575090733&ga_hid=134845292&ga_fc=0&iag=0&icsg=42602495&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011&oid=3&pvsid=1091564279575971&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1575090732&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Flibgen.pw%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1575090732767&bpp=45&bdt=49&fdt=158&idt=158&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4723938729129&frm=20&pv=2&ga_vid=371400052.1575090733&ga_sid=1575090733&ga_hid=134845292&ga_fc=0&iag=0&icsg=42602495&dssz=15&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125%2C20040011&oid=3&pvsid=1091564279575971&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://libgen.pw/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Referer
https://libgen.pw/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 30 Nov 2019 05:12:12 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 30-Nov-2019 05:27:12 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Sat, 30 Nov 2019 05:12:12 GMT
collect
www.google-analytics.com/r/ 		35 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=134845292&t=pageview&_s=1&dl=https%3A%2F%2Flibgen.pw%2F&dp=%2F&ul=en-us&de=UTF-8&dt=libgen&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aAhAAEABE~&jid=225290914&gjid=702217164&cid=371400052.1575090733&tid=UA-145825615-1&_gid=1251792742.1575090733&_r=1&z=2117168473
Requested by
Host: libgen.pw
URL: https://libgen.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Nov 2019 05:12:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
64d00714ca448da62a66.js
libgen.pw/_nuxt/ 		2 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://libgen.pw/_nuxt/64d00714ca448da62a66.js
Requested by
Host: libgen.pw
URL: https://libgen.pw/_nuxt/11bf02b94500c7a70cd7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:7d49 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
12912e4079c09eb5489bbfbf74f6f32469fc587d32ebbe47477e3ca845b6ae1b

Request headers

Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Response headers

date
Sat, 30 Nov 2019 05:12:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Nov 2019 14:28:22 GMT
server
cloudflare
age
656492
x-powered-by
Express
etag
W/"90b-16e93838b70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
cf-ray
53da53392c06cbb0-VIE
ts
tracking.qa.paypal.com/webapps/tracking/ 		0
0
logger
www.sandbox.paypal.com/xoplatform/logger/api/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=sb
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
173.0.82.77 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),
Reverse DNS
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://libgen.pw
Referer
https://libgen.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Sat, 30 Nov 2019 05:12:14 GMT
X-Content-Type-Options
nosniff
X-Powered-By
Express
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Methods
POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://libgen.pw
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Paypal-Debug-Id
aeb43d9694938
Access-Control-Allow-Headers
content-type
Content-Length
2
Etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
logger
www.sandbox.paypal.com/xoplatform/logger/api/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
173.0.82.77 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),
Reverse DNS
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://libgen.pw/
Origin
https://libgen.pw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
content-type
application/json

Response headers

Date
Sat, 30 Nov 2019 05:12:14 GMT
X-Content-Type-Options
nosniff
X-Powered-By
Express
Strict-Transport-Security
max-age=63072000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://libgen.pw
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Paypal-Debug-Id
432804588a658
Content-Length
2
Etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tracking.qa.paypal.com
URL
https://tracking.qa.paypal.com/webapps/tracking/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=libgen&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1575090733943&g=-60&completeurl=https%3A%2F%2Flibgen.pw%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| __post_robot_10_0_29__ object| paypal object| __zoid_9_0_36__ function| google_spfd object| google_sv_map object| google_t12n_vars object| __NUXT__ object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| SocialSharing object| $nuxt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data function| ga object| gaplugins boolean| ga-disable-UA-145825615-1 object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| paypalDDL object| __paypal_storage__

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.libgen.pw/ Name: _gat
Value: 1
.libgen.pw/ Name: _ga
Value: GA1.2.371400052.1575090733
.libgen.pw/ Name: _gid
Value: GA1.2.1251792742.1575090733
.libgen.pw/ Name: __cfduid
Value: d8a4dde8274e747e4eed6432dc97546981575090732

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
libgen.pw
pagead2.googlesyndication.com
tracking.qa.paypal.com
www.google-analytics.com
www.googletagservices.com
www.paypal.com
www.sandbox.paypal.com
tracking.qa.paypal.com
173.0.82.77
2.21.38.79
2606:4700:30::6818:7d49
2a00:1450:4001:808::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2002
041a98247c27a2358afb6a17c539f0650a0766abe518e72f7735d5b2a8b9458d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0dd57bf6b2974f691166176524af85e09febe7da2baa4140770bcbcbd8765365
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
12912e4079c09eb5489bbfbf74f6f32469fc587d32ebbe47477e3ca845b6ae1b
176c37ed6dd62c5e28b690400bb1337ca0342cdfb6cf2b7dc370c478e58d5fed
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
32edc88895d7a556a1992f115085e5c5060eacfb875c89a7e45a234bc0c461c6
34d4ca39aaedcfd7b3f042efb6e79ecc7061c2e84af7c15ba7e73e9bf4aa9043
43fefb0db67dfd6d436e59a1545fb5ac37a950456c69418d7817adbeaad6828a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49adbcd18b491eb4007b224155a7211af59c7ea0d33e48e21608d28e2251f436
63cfd164bea0502c70f259f66bbbff8cdee3b5f553565ebfba40d5fb6ef719d3
6f128586b7017fd051b211b07fa7ed4ef775c82ba9a715a05995b579737e79f6
810a13a74ae783fb66c9bd9fcc492974769e11006b51a9c883eaf12e8c4b0494
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c4a48db3cb198b7c81db78533ee91ffd20c7bee1bc775d529332023fd5882ea
973e6285a41bbfe2a903aeb29d0b9b46c4cad722b33ca2a037abdc2f25bb9597
9abb9e299ab0f7c2c00c20f0d5858358ffa1e7a9f835bab1798c769ff3b22777
9acb4377b91469f2339e2f4cf8f914553f1ac3712e996f03ae37a5f18bc1c1e5
aafee9d4309e7610ea9f951b2c3a0a3b8e068f723c58dee447173f6645b5b1c3
bc3e2af807f5dbfe08810fc2050080825050d3b60eaeffa67e82f42021d7023a
d3d327633e6eadcd18f2aa8a5648033ebeefe3ac30de5cdcd143b0e21a88ba66
d4cbcec5ea03133d08c1a2ab9f4a881e30b95fbce4ec15d3eb5ee537774790df
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e2739336e4f3f89bf62aa896a37bc0b6c8f0cbf0ef32467f61c6362bab3f798e