libgen.rocks Open in urlscan Pro
2606:4700:3036::ac43:c53e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://libgen.lc/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Effective URL:
https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Submission: On March 24 via manual (March 24th 2023, 3:43:02 am UTC) from AU — Scanned from NL

Summary HTTP 95 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 15 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3036::ac43:c53e, located in United States and belongs to CLOUDFLARENET, US. The main domain is libgen.rocks. The Cisco Umbrella rank of the primary domain is 688284.
TLS certificate: Issued by GTS CA 1P5 on February 21st 2023. Valid for: 3 months.

This is the only time libgen.rocks was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	89.248.170.56 89.248.170.56	202425 (INT-NETWORK) (INT-NETWORK)
13	2606:4700:303... 2606:4700:3036::ac43:c53e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
19	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	173.233.137.44 173.233.137.44	7979 (SERVERS-COM) (SERVERS-COM)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 16	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
6	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
95	24

2 89.248.170.56 (Amsterdam, Netherlands) 2 redirects

ASN202425 (INT-NETWORK, SC)

libgen.lc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3036::ac43:c53e (United States)

ASN13335 (CLOUDFLARENET, US)

libgen.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)

fertilisedshoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	360 KB
15	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com csi.gstatic.com	263 KB
13	libgen.rocks libgen.rocks — Cisco Umbrella Rank: 688284	203 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	118 KB
8	criteo.net static.criteo.net — Cisco Umbrella Rank: 642 csm.eu.criteo.net — Cisco Umbrella Rank: 8282	58 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12890 ads.eu.criteo.com — Cisco Umbrella Rank: 8226 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9532	19 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	146 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 14604	696 B
2	fertilisedshoe.com fertilisedshoe.com — Cisco Umbrella Rank: 603033
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	38 KB
2	libgen.lc 2 redirects libgen.lc — Cisco Umbrella Rank: 435136	465 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	606 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 673	30 KB
95	15

	Domain	Requested by
16	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	libgen.rocks pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	libgen.rocks	libgen.rocks
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	static.criteo.net	ads.eu.criteo.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	fertilisedshoe.com	libgen.rocks
2	cdn.jsdelivr.net	libgen.rocks
2	libgen.lc	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	libgen.rocks
95	26

This site contains links to these domains. Also see Links.

Domain
libgenfrialc7tguyjywa36vtrdcplwpxaw43h6o63dmmwhvavo5rqqd.onion
phillm.net
libgen.rs
ftp.libgen.lc
libruslib.ucoz.com
b-ok.cc
sci-hub.ru
magzdb.org
nlr.ru
rsl.ru
loc.gov
comicvine.gamespot.com
cyberleninka.ru
lib.rus.ec
flibusta.net
goodreads.com
worldcat.org
wiki.archiveteam.org
www.reddit.com
pilimi.org
www.worldcat.org
www.goodreads.com
www.abebooks.com

Subject Issuer	Validity	Valid
*.libgen.rocks GTS CA 1P5	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
fertilisedshoe.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Frame ID: BDFEAA39F302C19153D4B0DA4658226D
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: 65589D981D7024279EB838F54AC2545E
Requests: 1 HTTP requests in this frame

Frame: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7acbe8325b1d0bba
Frame ID: 5BB6F70A9FAEE2521ADE313F7575513B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1679629377&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629376949&bpp=3&bdt=444&idt=355&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6987284541904&frm=20&pv=2&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=377
Frame ID: 5C2067D9A60598656F3F24F9925FF334
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=5706997950&adk=2742354776&adf=2937974739&pi=t.ma~as.5706997950&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629376952&bpp=1&bdt=447&idt=380&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=62&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5na6vjfKgC&p=https%3A//libgen.rocks&dtd=384
Frame ID: 9EE06E54A5A79A512489D93EE6B2BD1E
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=2486455165&adk=2107069244&adf=1045922912&pi=t.ma~as.2486455165&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629377135&bpp=3&bdt=629&idt=204&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1238&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gRag7nTdox&p=https%3A//libgen.rocks&dtd=206
Frame ID: 50DB1AD9B0E1F4353A5A14BA291F3525
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB0cQQAFz6UKe5UEAAOkHF9Ej96YKxux7IV7aA&u=%7CvtziUGIVek5W6YbhFJEnDXJewx%2FLAFZlPX9ZSZEF7%2FM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XVyx4Jkyo7PIwNtyl1Tzw1FffTzxrYnBBSyfPF6vt5H7IdxuCRaFcsFDIh7BkRjNFKcz7akOkuQCjYua2CjNbhfzS4SS65s9Pi9qglhU_28KXh1UWlnAnK7SGnYEwS5tkwuCBJMqE-JYQgE4oJHTQT2aYLlVPShfwvQUn-YHAdcmi921vuM9ww57vJ3C4fhYQsAAtMffuCh6m7Ph63UoYK80k1RzxeWA-SCilO5MWfsUeoV0Mec8xMI6e_ybTH8vO66DEOWVrBT0gqqB3lLUnAserlW83ujIHT4f_Cv2JUblap_mAryt3JqMhStx8Gm1f0jEKKBLOl6YGcFk9DR7gcf2HLcU-xgRt7SKM0MSnQ6ZUWF4gqU_HyqpBl_eCmeYbMfEVS6UvCIXqmQqbsW5j2DT9lYP3rINAXNybBcpPk4LtutjJidxFW0dUMznzVgowk8aOybDA6u57l2VC2VdG1N2hEeGNV-MBrjKviezVfLDewXpSNAYHpbxXgsaQTIQVXVTuIBvM9tyEk4XrijluJzpxkJfV-N2rd9Psxzad3ba&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0N3QRwdZKWfF4Sq7gOcyI6gBsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDEzOTg1MDAzMTAyNjIwMsgBCakCISjiTAIssj6oAwGqBMMBT9ArKheneH1badkfRw5LNr4LFIZXZENbULACU563Y6GgGUsdVMIQnQJi9XvO2_OFMpxkzlF8powuHDRmD4sa8_WZPoaG6Rhc89kfRFH98kAgKTM680dF0KOBsdu80B7E-bbbOe5G2s7T1Ef7a8bgUp78nebubshHQ7sJfTfc6ORwz20PN3gPoQ7mWoKIDA3V927P-pgbOOUkqe4sWKIfWBO3rkLvW0BamoIR6MwMBEDMa2xfmgTzTGulRDyi6rpF_egNgAaj6Z7-rsuKl0OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bOcHFpY67GkV-QGTSIgFf3BiM4A%26client%3Dca-pub-4139850031026202%26adurl%3D
Frame ID: 9F48318468A88DEA448487DC2AFC9873
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8C314FD825D9020731CE080D0C528DFD
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js
Frame ID: 4AE541B3A3517C30594DE35F11020942
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js
Frame ID: BBA4F3C6E89946977A89478F5135A492
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AB468770E85220D1805FE0BFBB69BBA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F3E51CEF67E40E1B7BD444B7F115E80
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Library Genesis

Page URL History Show full URLs

http://libgen.lc/ads.php?md5=89D70F8C9274C34908E9445942230A7F HTTP 307
https://libgen.lc/ads.php?md5=89D70F8C9274C34908E9445942230A7F HTTP 307
https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

95
Requests

99 %
HTTPS

88 %
IPv6

15
Domains

26
Subdomains

24
IPs

4
Countries

1241 kB
Transfer

2838 kB
Size

6
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://libgenfrialc7tguyjywa36vtrdcplwpxaw43h6o63dmmwhvavo5rqqd.onion/
Title: TOR

Search URL Search Domain Scan URL

URL: https://phillm.net/libgen-stats-table.php
Title: Torrents status

Search URL Search Domain Scan URL

URL: http://libgen.rs/dbdumps/
Title: libgen.rs (gen.lib.rus.ec)

Search URL Search Domain Scan URL

URL: ftp://ftp.libgen.lc/upload/
Title: FTP

Search URL Search Domain Scan URL

URL: http://libruslib.ucoz.com/index/libgen_bibliotekar/0-5
Title: Libgen librarian for desktop

Search URL Search Domain Scan URL

URL: https://b-ok.cc/fulltext/
Title: Full text search

Search URL Search Domain Scan URL

URL: http://sci-hub.ru/
Title: Sci-hub

Search URL Search Domain Scan URL

URL: http://magzdb.org/
Title: Magzdb.org

Search URL Search Domain Scan URL

URL: http://nlr.ru/rlin/Periodika_rus.php
Title: РНБ

Search URL Search Domain Scan URL

URL: http://rsl.ru/
Title: РГБ

Search URL Search Domain Scan URL

URL: http://loc.gov/
Title: LOC

Search URL Search Domain Scan URL

URL: https://comicvine.gamespot.com/
Title: ComicVine

Search URL Search Domain Scan URL

URL: http://cyberleninka.ru/
Title: Cyberleninka

Search URL Search Domain Scan URL

URL: http://lib.rus.ec/
Title: Lib.rus.ec

Search URL Search Domain Scan URL

URL: http://flibusta.net/
Title: Flibusta.net

Search URL Search Domain Scan URL

URL: http://goodreads.com/
Title: Goodreads.com

Search URL Search Domain Scan URL

URL: http://worldcat.org/
Title: Worldcat.org

Search URL Search Domain Scan URL

URL: https://wiki.archiveteam.org/
Title: Archive team

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/libgen/
Title: Reddit

Search URL Search Domain Scan URL

URL: http://pilimi.org/
Title: Pilimi (Z-lib archives)

Search URL Search Domain Scan URL

URL: https://www.worldcat.org/search?qt=worldcat_org_bks&q=Faithful%20and%20virtuous%20night&fq=dt%3Abks
Title: Search in WorldCat

Search URL Search Domain Scan URL

URL: https://www.goodreads.com/search?utf8=%E2%9C%93&query=Faithful%20and%20virtuous%20night
Title: Search in Goodreads

Search URL Search Domain Scan URL

URL: https://www.abebooks.com/servlet/SearchResults?tn=Faithful%20and%20virtuous%20night&pt=book&cm_sp=pan-_-srp-_-ptbook
Title: Search in AbeBooks

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://libgen.lc/ads.php?md5=89D70F8C9274C34908E9445942230A7F HTTP 307
https://libgen.lc/ads.php?md5=89D70F8C9274C34908E9445942230A7F HTTP 307
https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqu42gEQkAEYkAEyCCjCB-EB92Hx HTTP 301
https://tpc.googlesyndication.com/simgad/6750730227827852970

95 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ads.php Show response
libgen.rocks/
Redirect Chain

http://libgen.lc/ads.php?md5=89D70F8C9274C34908E9445942230A7F
https://libgen.lc/ads.php?md5=89D70F8C9274C34908E9445942230A7F
https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F

22 KB
8 KB

217ms
143ms

Document
text/html

2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac6495fb522ab39728b1e97ee6d333e5205aca17f6b0da56f79d6c5dd1d60356

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7acbe8325b1d0bba-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Mar 2023 03:42:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjF%2FBQbVNTK%2B6PzYsAHtcRg8SkbtFS0Vl0Eola9aVlazezhv5qHeXCbhItydWfCJXGpHC1oTco8J2XkX8VBQJ68xVqrbeujqT8TQpPFG8v4fR5a8iQDtjWgTW7WPRUagSx2PX15ZO%2B9iZgw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Fri, 24 Mar 2023 03:42:56 GMT
Location: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Server: nginx

GET
H2 200 bootstrap.min.css
libgen.rocks/css/ 157 KB
25 KB 50ms
46ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/bootstrap.min.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f859e98-27288"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cH3UTPyhcDME7RTnoWMydQFm46nsZRP1AV2sjuVE9d2pWouOjtLZBCUPylBuYq5IcRM9ByydOgt31bHU0MF7UmSoJXHRrceZR5Fp%2B9XBRxfZqSAIeFgC0mMPMnP3yKd%2FIidW9TZK9aSXLz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7acbe8335bc80bba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H2 200 font.min.css
libgen.rocks/css/ 9 KB
2 KB 37ms
35ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/font.min.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356eef4354ee9f565222bebb778c4fd35afb5534da19f665a8d2dc75e0ccfc13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Jun 2021 18:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60c104b1-25d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePRTLEOrc42NRM%2BAXOtitaQZKxz4tpYjQPZhcRZ08FxeVUhi0S2HlX1QWA1CxK%2BtC%2B9zKVZIssgFl2H3oFyUoALxyAyYL2EIP3A%2BA8vRlCgZHu0efhPed%2FeP7ixTVDcWw2YBv13ATGvZRXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7acbe8335bca0bba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H2 200 dark-mode.css
libgen.rocks/css/ 294 B
482 B 35ms
34ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/dark-mode.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Apr 2021 06:48:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"608a56c4-126"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Rmqa8jk4jknur%2FQDf6w%2FwnJYniYulxDi%2B2pL7%2Fx2JH7GpfvWIEacKmzLZIXzkHLoI%2FLpCwi%2Bd%2FqUrIgp7rFKAWUaseOq8i81HoOnqJGqiIVs2b%2FL%2F8ZfozHZcNffVg%2BLnGoI2ZdNTwGkGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7acbe8335bcb0bba-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 90ms
28ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1679629376.dop202.am5.t,1679629376.cds218.am5.hn,1679629376.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 216ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d9837c8ce7fd34ff3c9092be72ddb53fa8b461733c11305fba513c24e39de62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48820
x-xss-protection: 0
server: cafe
etag: 4909222890570360866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 03:42:56 GMT

GET
H3 200 logo.png
libgen.rocks/img/ 2 KB
2 KB 51ms
50ms Image
image/png 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libgen.rocks/img/logo.png
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 30 May 2020 06:17:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ed1fa96-7b8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhM6N7tehRWMorzz2wllBr1Txol6d60Ay8PFsDeefoWCtsKUL8%2BVeefOGpdmrcXud%2FIONK00slC%2B1g5f%2F248ZGm8gMvHjeL8jwiTVu1sCX6eG%2Bamm%2FhZY%2BP59hHvozwj2kteE2MKD9ffPzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7acbe8341992d0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1976
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H3 200 dark-mode-switch.js Show response
libgen.rocks/js/ 3 KB
1 KB 35ms
35ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/dark-mode-switch.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 22 May 2021 16:34:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60a93285-b75"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxaPVDzJSQoSmDDLzgeBtnJoiDWMOLIOP5HQ0TlOkKXvfeEEyE%2FfO32%2FcHt%2F7fxeifYCG4rUnl7nnT2HOSLxi%2B46taq36MGku%2FWcjp7jdzupsHVMlSm4TvYTw3Sjht%2BIf95gANlr0jdD6Qs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7acbe833a93bd0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H3 200 89d70f8c9274c34908e9445942230a7f.jpg
libgen.rocks/covers/1424000/ 136 KB
137 KB 147ms
147ms Image
image/jpeg 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libgen.rocks/covers/1424000/89d70f8c9274c34908e9445942230a7f.jpg
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b245ab42e4d6c83d0e32dd1d7699d6389eb3f9d528364023e0177f818817d3c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 07 Oct 2021 21:18:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "22152-5cdc9cd7ad239"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=255FOawU1Nzy1QW0gqfgv3zYgTxDlNlAgy9FR43MLGEIITZtw2IFZ4i6IKOn2%2F3cUrsYczqzwAsKTFsY9O7ioF2oIY1tg5C1uwdbD4PYoM9anW6CHk9by1tCcMXd2G2u3s479Dxcyx57iEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7acbe8341995d0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139602
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H3 200 email-decode.min.js Show response
libgen.rocks/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://libgen.rocks/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Mar 2023 11:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64145477-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtfX6QduJJuB%2FXZuRKPhrlT963qN2iD%2FoP%2B9GO5lv9BBStlhvcIdmFlzMpZiWrZYxrHJHnrW4XKN0KkFnvuceutV3lNAQDOxYao5FeIdAB6PZloVH9FIAmKP5byf04ITkeEo%2BLBLL6mJcXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7acbe833d970d0b9-AMS
expires: Sun, 26 Mar 2023 03:42:56 GMT

GET
H3 200 popper.min.js Show response
libgen.rocks/js/ 19 KB
7 KB 37ms
36ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/popper.min.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 16 May 2021 04:13:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60a09bf4-4ace"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXm%2F0XsQ8ssUx%2FaKcEyi4itNuXkHIdUBj56i2qm0ctct0cO5C%2Fqz5efB%2BNE2KSmTXWlK5oz2vwSePlpnIpKDlPQLGehvAxFbGv2zmdEWkGUCS6aSHPC1tKZGa%2BCvYgzXU%2BAjBfhlSyIxOaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7acbe8340988d0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 62 KB
16 KB 103ms
35ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2574534
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230066-FRA, cache-yyz4578-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BRpLK8WoLQNUKiBYfLx2Uk7N7RZWpcSz4ugdv6C6AKByPewDsO4GtFJF0xTQdIfvYO32is1BjbJ2Yh4sQ3k5w%2BqZSwP7fN3UFsvN3VpEkfps6DwpzOAz3F5eW0I6eK2cjReUQ2lFFZnKnut76k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7acbe8348deb0119-AMS

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
22 KB 106ms
38ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2574534
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13i6oF5caqYDIhedVsCAQqJErjsZpGS%2FrPn6kPubgGYczSQazaTSTykppxag8yBBH16%2Bj4%2BofjF%2BrX3Po43LTIUBrAwSBv%2FRAoXrjSg33sUTbZ6BImbTYhFU%2B0hu1DrSzL1eNUOnxz2qVXYbuBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7acbe8348dec0119-AMS

GET
H3 200 form-validation.js Show response
libgen.rocks/js/ 686 B
823 B 35ms
34ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/form-validation.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f859e98-2ae"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c39IuVH5raALuw15XvNAdsqaPVtyH5SPLmYwP2NoFT%2BJYJbM9%2B6zA%2Fe%2FRYssurqS%2FoJUVix2k4iZ3SAgR62ovcoKwQSG%2BzwZmPgHJf6nFw4eAo4UMl3QR08k4dzU7AZJ0mPo6o41meZXzac%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7acbe8341990d0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 31 Mar 2023 03:42:56 GMT

GET
H/1.1 403
Forbidden invoke.js
fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/ 0
0 495ms
108ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 24 Mar 2023 03:42:57 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/ 349 KB
117 KB 218ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4139850031026202&plah=libgen.rocks

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2858652b7f5772f18a00a4aca0e7bf24cdd4eb266b6e0352379f746e1506b81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119424
x-xss-protection: 0
server: cafe
etag: 2700707473473413173
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame 6558 10 KB
5 KB 146ms
58ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 24229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 20:59:08 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 20:59:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden invoke.js
fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/ 0
0 109ms
109ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 24 Mar 2023 03:42:57 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 invisible.js Show response
libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 5BB6 35 KB
15 KB 29ms
29ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7acbe8325b1d0bba
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d3e8a01c5a77b4497a0234609f77a08628895da1611a3556f1256dbf0860b8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcTvVxxUKFr5K8W8s7ALUkB1UnRYMEre83NsPXOzy61qI3aTOI6%2FArPbrrDOGXUHdDaPX8rVhPKxmDLmiVVWJv8SGWsUfpeeb0hwFWL%2FFegBuN0Wp4wRkFoxxtNpcebSODVeFGDpwen8%2ByU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7acbe8381c55d0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
606 B 166ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=libgen.rocks&callback=_gfp_s_&client=ca-pub-4139850031026202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4139850031026202&plah=libgen.rocks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

637aa290c17fe54c2a25e4467ed8ec3c60c9edd2686fc333d81b37e2ae6aa8eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 238ms
67ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 197ms
67ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C20 122 KB
38 KB 274ms
274ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1679629377&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629376949&bpp=3&bdt=444&idt=355&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6987284541904&frm=20&pv=2&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=377

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e1e0aa964169787f2f52253f3d0ace67f65da9c55d389965f088f114ea84d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38468
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 03:42:57 GMT
expires: Fri, 24 Mar 2023 03:42:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9EE0 132 KB
36 KB 411ms
410ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=5706997950&adk=2742354776&adf=2937974739&pi=t.ma~as.5706997950&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629376952&bpp=1&bdt=447&idt=380&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=62&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5na6vjfKgC&p=https%3A//libgen.rocks&dtd=384

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08358bce6378f254f7d1429b1c5e40818d83b5bef754e81cc12586df4f7f95c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36703
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 03:42:57 GMT
expires: Fri, 24 Mar 2023 03:42:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50DB 27 KB
11 KB 319ms
319ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=2486455165&adk=2107069244&adf=1045922912&pi=t.ma~as.2486455165&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629377135&bpp=3&bdt=629&idt=204&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1238&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gRag7nTdox&p=https%3A//libgen.rocks&dtd=206

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03710fe70d0893e2188aa5774b78884846a9450262bc59ca1f6949804c9ab47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11311
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 03:42:57 GMT
expires: Fri, 24 Mar 2023 03:42:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pica.js
libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/ Frame 5BB6 7 KB
4 KB 30ms
30ms Other
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00dcb39346473bc107ccf9c58b31b1651b87b2d84fb36027e9a48da7d9ce062f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPtdd8jLlINtDIZuLOVMoYtPF%2BB1q8MZbPRlfSY607cC14hMz5t74dPSiYtVi%2B7YF%2FKfUhNUVEQ15S62kFekwbG1CS%2FwEFW4vIyqXUsuUy0WbH3w%2FVTTPlJsIi2keA%2Bmn9O2OlI3jDzycjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7acbe8388ca1d0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7acbe8325b1d0bba Show response
libgen.rocks/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 5BB6 2 B
656 B 43ms
43ms XHR
text/plain 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/cv/result/7acbe8325b1d0bba
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7acbe8325b1d0bba
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TAz2uVSHW9x7jtx5xbXFv7CTxooYY189Jje5x7y9lteOpFI8PYEUazYNhw6uw44PsZnoA4ncysNIKLuLIbs6AwhszXX9B3m%2FxTPOVED3dtYOYHxL%2BVil18M%2BExX04HoAEW0nnQNZAh3054%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7acbe83a4e06d0b9-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 50DB 3 KB
1 KB 194ms
61ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=2486455165&adk=2107069244&adf=1045922912&pi=t.ma~as.2486455165&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629377135&bpp=3&bdt=629&idt=204&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1238&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gRag7nTdox&p=https%3A//libgen.rocks&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 50DB 20 KB
9 KB 190ms
58ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50DB 158 KB
49 KB 200ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/ 149 KB
51 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

548c8dd17add858400abc916921a3109a5f864dabc765eb16ae54f14d5a76632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52113
x-xss-protection: 0
server: cafe
etag: 12809510500109907350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-4139850031026202&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 50DB 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWhGnQRwdZKWfF4Sq7gOcyI6gBsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDEzOTg1MDAzMTAyNjIwMsgBCakCISjiTAIssj6oAwGqBMABT9ArKheneH1badkfRw5LNr4LFIZXZENbULACU563Y6GgGUsdVMIQnQJi9XvO2_OFMpxkzlF8powuHDRmD4sa8_WZPoaG6Rhc89kfRFH98kAgKTM680dF0KOBsdu80B7E-bbbOe5G2s7T1Ef7a8bgUp78nebubshHQ7sJfTfc6ORwz20PN3gPoQ7mWoKIDA3V927P-pgbOOUkqawueTCY14-kEd77-JBnPHoY_Ma6Dm7U6diXp6IB83WJXLkIbqn6gAaj6Z7-rsuKl0OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQxMzk4NTAwMzEwMjYyMDIYAA&sigh=LqGk5Q3MP54&uach_m=[UACH]&cid=CAQSGwDUE5ym0cdNjkmVJKa4qg15_PXlXWq59MeADxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=2486455165&adk=2107069244&adf=1045922912&pi=t.ma~as.2486455165&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629377135&bpp=3&bdt=629&idt=204&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1238&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gRag7nTdox&p=https%3A//libgen.rocks&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 03:42:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 50DB 0
0 149ms
25ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM-PFOqBMKwC2ASdg2ICAgAAANVHKLDq3NeLEEEcHWQN0jyla66giqyQAAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=ZB0cQQAFz6UKe5UEAAOkHF9Ej96YKxux7IV7aA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 195858
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9F48 49 KB
19 KB 154ms
34ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB0cQQAFz6UKe5UEAAOkHF9Ej96YKxux7IV7aA&u=%7CvtziUGIVek5W6YbhFJEnDXJewx%2FLAFZlPX9ZSZEF7%2FM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XVyx4Jkyo7PIwNtyl1Tzw1FffTzxrYnBBSyfPF6vt5H7IdxuCRaFcsFDIh7BkRjNFKcz7akOkuQCjYua2CjNbhfzS4SS65s9Pi9qglhU_28KXh1UWlnAnK7SGnYEwS5tkwuCBJMqE-JYQgE4oJHTQT2aYLlVPShfwvQUn-YHAdcmi921vuM9ww57vJ3C4fhYQsAAtMffuCh6m7Ph63UoYK80k1RzxeWA-SCilO5MWfsUeoV0Mec8xMI6e_ybTH8vO66DEOWVrBT0gqqB3lLUnAserlW83ujIHT4f_Cv2JUblap_mAryt3JqMhStx8Gm1f0jEKKBLOl6YGcFk9DR7gcf2HLcU-xgRt7SKM0MSnQ6ZUWF4gqU_HyqpBl_eCmeYbMfEVS6UvCIXqmQqbsW5j2DT9lYP3rINAXNybBcpPk4LtutjJidxFW0dUMznzVgowk8aOybDA6u57l2VC2VdG1N2hEeGNV-MBrjKviezVfLDewXpSNAYHpbxXgsaQTIQVXVTuIBvM9tyEk4XrijluJzpxkJfV-N2rd9Psxzad3ba&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0N3QRwdZKWfF4Sq7gOcyI6gBsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDEzOTg1MDAzMTAyNjIwMsgBCakCISjiTAIssj6oAwGqBMMBT9ArKheneH1badkfRw5LNr4LFIZXZENbULACU563Y6GgGUsdVMIQnQJi9XvO2_OFMpxkzlF8powuHDRmD4sa8_WZPoaG6Rhc89kfRFH98kAgKTM680dF0KOBsdu80B7E-bbbOe5G2s7T1Ef7a8bgUp78nebubshHQ7sJfTfc6ORwz20PN3gPoQ7mWoKIDA3V927P-pgbOOUkqe4sWKIfWBO3rkLvW0BamoIR6MwMBEDMa2xfmgTzTGulRDyi6rpF_egNgAaj6Z7-rsuKl0OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bOcHFpY67GkV-QGTSIgFf3BiM4A%26client%3Dca-pub-4139850031026202%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

af60ddc2e7e1a7f448f9b1da67a6ce5638ec4f3e5e468de96ae0d4de3bf2686a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 03:42:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=s8TKr4HuQ4aLDqvufl_0YbnX-iKBjkhn4AB_ZarymvZWAap9u23W03zglnlW2Nr-zplrTGxpfO_yaGPfD_A0god6n5nV2P3VIE2meJkuC0RoJ59mYgiaPnLGgNmQyzqHevHfuodF6wsRgEX4SYRi7k17Pxz3HNKqBk01LfGZw1QArkCjH0ToYkur91F1MBaVaIJDdYMXYApAtLNgWH90t0UFLiZh8YIm4_s5LyXxt59xTokKMW9oxoucKDdwotPKYW-L9g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3012587
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-4139850031026202&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 67ms
66ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 67ms
66ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame 8C31 10 KB
4 KB 60ms
58ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:29:08 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 22:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 9EE0 2 KB
608 B 204ms
70ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=5706997950&adk=2742354776&adf=2937974739&pi=t.ma~as.5706997950&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629376952&bpp=1&bdt=447&idt=380&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=62&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5na6vjfKgC&p=https%3A//libgen.rocks&dtd=384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:02:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 9EE0 2 KB
818 B 84ms
83ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 9EE0 22 KB
9 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 9EE0 3 KB
1 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 9EE0 20 KB
8 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EE0 158 KB
48 KB 149ms
148ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 9EE0 34 KB
14 KB 163ms
89ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:42:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9EE0 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4D8rQRwdZIn5Fv_Xx_APk9aomAm575aBb_zAzMXQEOLGub7DOBABIOiMsiJgkYSghYwYoAG635v5A8gBCagDAcgDywSqBMwBT9CJk1B-4Kp3wKcSE9I_77PbkCzfnbuXSv1qCV02Qxxff2uXx5VDPEw9S3NzVjkLAnZ6nOefgEpHjRLAi_VcmbHeGgQofdZJ6_OQp1lCY9YDYt8VkpaQ1rIMQ_Kw1DjxGQOyeiSoDpZOfYN0nJ8FXUn_qybo531Ta6sv1gzwWxhGgESIDsM4zmiEOhwaFKuDbXLbaHRjNOonkTklDcluVmsyIxnC-lRf-GKyjr6VouDjaNhrVzqxbmTwSTOZxVkj_Fn7WlnG17qphebtwATF7OuXkQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzYP40gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ5acE0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNDEzOTg1MDAzMTAyNjIwMhgA&sigh=xMRXGnQAdHQ&uach_m=[UACH]&cid=CAQSGwDUE5ymQdKa82ZgU5zpGgAYVlnhF05mSOKZ9hgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=5706997950&adk=2742354776&adf=2937974739&pi=t.ma~as.5706997950&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629376952&bpp=1&bdt=447&idt=380&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=62&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5na6vjfKgC&p=https%3A//libgen.rocks&dtd=384
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 03:42:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9EE0 18 KB
18 KB 204ms
121ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTOHaxAB6vFmQbhmhklmWGXw0HQaMYSSW--0xAOOX2h2avHDpo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

725fc63c27a1a437f28625e22c2bf4cf82e5e4a5b310611c3d6869c7c12f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:06:16 GMT
x-content-type-options: nosniff
age: 121001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18318
x-xss-protection: 0
last-modified: Sat, 22 May 2021 07:31:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 18:06:16 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9EE0 27 KB
28 KB 204ms
59ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQMNf9UVEKMhay9MnC2iXtaFbr82mjcPUoHyfUArXYaUpLK5CaR180lND41lzs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a197c3e3e0ab7c776f7ac2cc13067555ee07e72a01a4fe3df740c9065b2fe19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:14 GMT
x-content-type-options: nosniff
age: 121063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27818
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 02:35:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 18:05:14 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9EE0 25 KB
25 KB 215ms
137ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTl5MxZxDnU66S4YnpR91E4mCl7YjMllR_1wm3biU7hGw8PXVcAGrZVI8DiaA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5bf5fa63093a50635a786282d7478ce545e66b07a7a7d0da2370c5c672d1c0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:36 GMT
x-content-type-options: nosniff
age: 121041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25649
x-xss-protection: 0
last-modified: Sat, 28 Jan 2023 13:21:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 18:05:36 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9EE0 23 KB
23 KB 216ms
133ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQpB1s6It8nnyjn5Gm52egbtPj8Cm8-Z7MBXikXOm8z284TuShN&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3926c1c05d02c2d063c684ff61d3d823806ea7a685826649b5a990dff99f886b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 19:30:53 GMT
x-content-type-options: nosniff
age: 115924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23365
x-xss-protection: 0
last-modified: Sun, 02 May 2021 03:32:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 19:30:53 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9EE0 22 KB
22 KB 200ms
122ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR2exo-joIu441Mu1Ivo55dfn5-s2BSfLBHI_4NKTdFOxh9KAP4txMI-4TBCV8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

763a538ebac785c820d6ab3381f0357d87e8b458dcf6a56da9b4044eff23565b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:13:56 GMT
x-content-type-options: nosniff
age: 527341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22665
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 06:24:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 17 Mar 2024 01:13:56 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9EE0 33 KB
34 KB 138ms
60ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTtNCuUeLkeaNsYA2jijvEpwcXNqRMc15Dk9KzboErCM0SRqhVmJcnluR2ktA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87d20dd11b3d02c0505fa187f3fd0612ea5f83cbaa7696a2171c85cb434f76a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:17 GMT
x-content-type-options: nosniff
age: 121060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34001
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 02:56:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 18:05:17 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9EE0 19 KB
19 KB 257ms
180ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTv2__rkr4T9jy7VRi3KOOJYYfmKlNYGqg1HFHyl_VjMV5RIAGlkTp4_ySI6bk&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b24349cbf240cb3c1eb3f35c18aaa36b8247916384f63b9f85179faf8b0772b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 02:09:18 GMT
x-content-type-options: nosniff
age: 178419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19366
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 02:21:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 02:09:18 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9EE0 30 KB
30 KB 142ms
60ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcROWrzKk5rCr_5x43hLn5Ol5Q4LichzrJrMHlsJ_CYbJ0dLgvVR4dbNCU26d7U&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea14b08e2a0d17c12d77ae66531f59a1274447399849eb78ac6e54659a4b59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:06:38 GMT
x-content-type-options: nosniff
age: 120979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30249
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:00:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Mar 2024 18:06:38 GMT

GET
H2

200

6750730227827852970
tpc.googlesyndication.com/simgad/ Frame 9EE0
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCXpqu42gEQkAEYkAEyCCjCB-EB92Hx
https://tpc.googlesyndication.com/simgad/6750730227827852970

17 KB
17 KB

58ms
57ms

Image
image/jpeg

2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6750730227827852970

Requested by

Protocol

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b5753580de992cd3b18a968d9c6686c11240546a87d59db39991032bfbeda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 09:17:34 GMT
x-content-type-options: nosniff
age: 498323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16954
x-xss-protection: 0
last-modified: Thu, 21 May 2020 07:50:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 09:17:34 GMT

Redirect headers

date: Thu, 23 Mar 2023 15:19:58 GMT
x-content-type-options: nosniff
server: cafe
age: 44579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6750730227827852970
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Apr 2023 15:19:58 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9F48 2 KB
1 KB 91ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB0cQQAFz6UKe5UEAAOkHF9Ej96YKxux7IV7aA&u=%7CvtziUGIVek5W6YbhFJEnDXJewx%2FLAFZlPX9ZSZEF7%2FM%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XVyx4Jkyo7PIwNtyl1Tzw1FffTzxrYnBBSyfPF6vt5H7IdxuCRaFcsFDIh7BkRjNFKcz7akOkuQCjYua2CjNbhfzS4SS65s9Pi9qglhU_28KXh1UWlnAnK7SGnYEwS5tkwuCBJMqE-JYQgE4oJHTQT2aYLlVPShfwvQUn-YHAdcmi921vuM9ww57vJ3C4fhYQsAAtMffuCh6m7Ph63UoYK80k1RzxeWA-SCilO5MWfsUeoV0Mec8xMI6e_ybTH8vO66DEOWVrBT0gqqB3lLUnAserlW83ujIHT4f_Cv2JUblap_mAryt3JqMhStx8Gm1f0jEKKBLOl6YGcFk9DR7gcf2HLcU-xgRt7SKM0MSnQ6ZUWF4gqU_HyqpBl_eCmeYbMfEVS6UvCIXqmQqbsW5j2DT9lYP3rINAXNybBcpPk4LtutjJidxFW0dUMznzVgowk8aOybDA6u57l2VC2VdG1N2hEeGNV-MBrjKviezVfLDewXpSNAYHpbxXgsaQTIQVXVTuIBvM9tyEk4XrijluJzpxkJfV-N2rd9Psxzad3ba&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0N3QRwdZKWfF4Sq7gOcyI6gBsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDEzOTg1MDAzMTAyNjIwMsgBCakCISjiTAIssj6oAwGqBMMBT9ArKheneH1badkfRw5LNr4LFIZXZENbULACU563Y6GgGUsdVMIQnQJi9XvO2_OFMpxkzlF8powuHDRmD4sa8_WZPoaG6Rhc89kfRFH98kAgKTM680dF0KOBsdu80B7E-bbbOe5G2s7T1Ef7a8bgUp78nebubshHQ7sJfTfc6ORwz20PN3gPoQ7mWoKIDA3V927P-pgbOOUkqe4sWKIfWBO3rkLvW0BamoIR6MwMBEDMa2xfmgTzTGulRDyi6rpF_egNgAaj6Z7-rsuKl0OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bOcHFpY67GkV-QGTSIgFf3BiM4A%26client%3Dca-pub-4139850031026202%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Mar 2024 03:42:57 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 9F48 2 KB
1 KB 93ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Mar 2024 03:42:57 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9F48 308 B
636 B 90ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 18 Mar 2024 03:42:57 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9F48 293 B
621 B 91ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 18 Mar 2024 03:42:57 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9F48 43 B
348 B 214ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=KKiAbXPb-Scvc8i3j2wlGXJv3camUVYJsVtSzWVCMNJBdwWtLiULLzfb6zmT6YSrTE6bg7s_k5dYw9n0NGU_319JUataYWbrwym1JnnlYgNjQryG6xizRn0AdTPDZRPwKnDOuXy5Shs6qtjCPFpUl6uqChjhQkB_nPnCz640F0gQHD4SXx51yumgQw7l5pDDKxbiI5zpj_oiCOsSbDb72yPr6wuwG3PXg_As8JBWCEeepDLXhOc4LFPOjVqVPawJgRwkLAEKqGNubHEcB9fFFNozT01CY5b_9vt20rwCBkKhmJJIshPGXW-T2KxY2MvVY6il6RzhAlIyB-4ssLiJLTqLPKp9tVjIXprhZgw_-6v4Wup8DWKF5YNPXwu-JGotxTARUIpidh0Vopz_vxsXYoy6AbR5biO0FYonfQVEE9cwVsYL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1615245
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4ffd052a8c724fc6bf89706d5f850410_300x600.png
static.criteo.net/design/dt/97384/230209/ Frame 9F48 52 KB
53 KB 123ms
63ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/97384/230209/4ffd052a8c724fc6bf89706d5f850410_300x600.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5367fed12d98bf5ace551537fcc6d8298d558982b98d175eeb6347b384176a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 09 Feb 2023 09:31:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63e4bd55-d1fb"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 53755
expires: Mon, 18 Mar 2024 03:42:57 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9F48 0
128 B 239ms
35ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=s8TKr4HuQ4aLDqvufl_0YbnX-iKBjkhn4AB_ZarymvZWAap9u23W03zglnlW2Nr-zplrTGxpfO_yaGPfD_A0god6n5nV2P3VIE2meJkuC0RoJ59mYgiaPnLGgNmQyzqHevHfuodF6wsRgEX4SYRi7k17Pxz3HNKqBk01LfGZw1QArkCjH0ToYkur91F1MBaVaIJDdYMXYApAtLNgWH90t0UFLiZh8YIm4_s5LyXxt59xTokKMW9oxoucKDdwotPKYW-L9g&sds=2&rev=85392&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Mar 2023 03:42:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9F48 2 KB
1 KB 77ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Mar 2024 03:42:57 GMT

GET
H2 200 914be99cd47eba54dcad56263af893ff.js Show response
www.gstatic.com/mysidia/ Frame 8C31 10 KB
5 KB 70ms
59ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/914be99cd47eba54dcad56263af893ff.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 15:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4426
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 15:49:51 GMT

GET
H2 200 ac0c6a231e88d9464440510a6151318d.js Show response
www.gstatic.com/mysidia/ Frame 8C31 19 KB
8 KB 134ms
123ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac0c6a231e88d9464440510a6151318d.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5105ebe3e7f2a7d345edfa9306ec534f53e10e78bd75b0d17c1933438a2b97e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 17:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7824
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 17:29:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C31 8 KB
1 KB 132ms
68ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:06:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 8C31 2 KB
799 B 62ms
59ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 8C31 6 KB
2 KB 138ms
129ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 06:37:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 8C31 22 KB
9 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40731
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 8C31 3 KB
1 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 8C31 20 KB
8 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C31 158 KB
48 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 03:42:57 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 8C31 34 KB
14 KB 68ms
61ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 19 Mar 2023 02:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 21:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 02:42:45 GMT

GET
DATA 200
OK truncated
/ Frame 50DB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29646e1e87a4e7554c28f8092144dcfde3ee2e5554ceb409ab8f1ab2003c5dea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9EE0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 620cfd06defd55acd0ac30232c76956beb0cda12ed3c90da7e56f04ab79bbd2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/583586878475477141/ Frame 8C31 13 KB
13 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/583586878475477141/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4595ebc7f18fe395f4dcd12bc59257b9bcab8887f68fa913dae6939f07c26ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 19:33:28 GMT
x-content-type-options: nosniff
age: 202170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13390
x-xss-protection: 0
last-modified: Fri, 20 Jan 2023 18:33:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Mar 2024 19:33:28 GMT

GET
DATA 200
OK truncated
/ Frame 8C31 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8C31 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9EE0 20 KB
21 KB 181ms
58ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 241518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C31 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZkJEQRwdZJWSFv7Hx_APq_Oz0AemraCkb_iCmZalEfmH4tO9KhABIOiMsiJgkYSghYwYoAH_24rIA8gBCagDAcgDywSqBMoBT9DIAlf9mSfRFwsMrmMDy82A94BzMC2S-sZCHz2b9QFr8dxrep6IoTFeqjvdBtZAzXe9Bh7m54aoVavwPEwqBOzvx2QjUDarxqPfy0vn32ueR5MbC3wf9afGzkanVJI4BAjz8sn-6hBCkN8u0eumuMvv00eIiQvGUguc-6vYTr4kr9VQSXNSRFKYk5m6rDGs_P1_IgVZ1joJenNJBAj9LIlzjqPwrDAkPDYs9Y2y68XXd_WI5PFDpBJe7GApREXABXnteSFw2ut8ocAEwtaE0agEkgUECAQYAZIFBAgFGASgBi6AB5aGraICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9sIB0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNDEzOTg1MDAzMTAyNjIwMhgA&sigh=HYMBKCZ0f-g&uach_m=[UACH]&cid=CAQSGwDUE5ymamVc2s7Bg2IX4ClWfhtEBo3ZRkKCDBgB&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 03:42:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C31 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c8f2ca761223daf065247e3d0f0efe899730ec4054ab50da274e86fb56b3fe7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 50DB 62 KB
24 KB 212ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855dfbae42eb6ae7faaa629932dad117408a1dbc5d5639295cbddbe201fd7503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1500
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23701
x-xss-protection: 0
server: cafe
etag: 7854693023074191513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 04:17:58 GMT

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AE5 36 KB
14 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 22:05:56 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C31 0
20 B 95ms
94ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2xlYWRlcmJvYXJkCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAAAAKkAwBAoNEAMhAACAzMzEckAwBAoNEAohAAAAIDMzGUAwBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDEwMDV4MTI0MAQKDhAZKggxMDA1eDEyNDAECg0QDiEAAAAAAAAAADAECg0QBCEAAAAAADhzQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA1QDAECg0QBSEAAIDMzDxzQDAECg0QECEAAAAAAPGyQDAECg0QESEAAAAA4EXxQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAIDMzIR1QDAECg0QFCEAAAAAcOb0QDAECg0QFSEAAAAAAAAmQDAECg0QFiEAAAAAAAAQQDAECg0QGCEAAICZmUF3QDAECg0QMiEAAACYmZk5QDAECg0QMyEAAACYmZk5QDAECg0QNCEAAACYmZk5QDAECg0QNSEAAACYmZk5QDAECg0QNiEAAACYmZk5QDAECg0QNyEAAACYmZk5QDAECg0QOCEAAAAwMzM8QDAECg0QOSEAAABmZoZVQDAECg0QOiEAAAAyM_NVQDAECg0QOyEAAAAAAHB1QDAECg0QPCEAAAAAAHB1QDAECg0QPSEAAIDMzIR1QDAECg0QPiEAAIBmZr52QDAECg0QPyEAAIBmZr52QDAECg0QQCEAAAAAAGh3QDAEEhpDTlcya1lQVDhfMENGZjdqRVFnZHFfa01lZyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/ac0c6a231e88d9464440510a6151318d.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 73ms
73ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230322&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9b4d8fdab6c4ce14eecca674c5452412dd19656f94905fe3bf546b9d840b5b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11395
x-xss-protection: 0

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame BBA4 36 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 22:05:56 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50DB 0
20 B 94ms
94ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=urind

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 50DB 0
225 B 94ms
28ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lflzyqtz&e=21068133&ctx=2&gqid=QRwdZK_MFo2W7_UP14O8OA&qqid=COXDkoPT8_0CFQSVewodHKQDZA&met.4=fb.9f~lb.f7~ol.lc~bdt.-n8~bpp.-5o~idt.-3~dtd.-1~dt.-5r&met.3=733.ih~748.j4~749.j5~742.ig_t~736.jc~735.jx_1~739.k3~738.lc~113.t6_5~112.t5_7&met.1=1.lflzyq0u~6.0~7.0~8.0~9.0~10.0~12.1~13.8w~14.94~15.93~16.k3~17.k3~18.k3~19.lc~20.lc~21.lc~22.fd~23.fd&met.7=CAUQCBgBMMgCOIAGaAFwwAJ421qAAa9YiAG82QGwAQG4AQM~CB4QChgBIM0CKM0CMJAEOMMBaNIDcI8EeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIM0CKM0CMI8EOMIBQM4CSNoCUNoCWNIDYPoCaNIDcIwEeN9FgAGzQ4gB9aIBsAEBuAED~CE0QChgBIM0CKM0CMOsEOJ4CQM4CSNUCUNUCWNIDYI4DaNIDcJYEeLCFA4ABhIMDiAGZ8QmwAQG4AQM~CCEQBBgBINUCKNUCMLkDOGRo1gJwuAN4rAKwAQG4AQM~CBsQBCDVAjiWAQ~CBsQBSDWAjiqAw~CCgQChgBIIkGKIkGMJYIOI4CQIkGSKgGUKgGWKMHYOEGaKMHcN0HeMG7AYABlbkBiAHg8QOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 03:42:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AB4 13 KB
5 KB 58ms
58ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 11936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 00:24:02 GMT
expires: Sat, 23 Mar 2024 00:24:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9F3E 783 B
1 KB 145ms
74ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64522eb8148039afa82855e4844c9326f3e4e490311fac27cae831f08cfdff76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qqr3Kt3VfnxfoIDoea1Rmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Qqr3Kt3VfnxfoIDoea1Rmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 03:42:58 GMT
expires: Fri, 24 Mar 2023 03:42:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AB4 36 KB
14 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 22:05:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9F3E 0
0 93ms
93ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230322&jk=4197847872777902&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2AB4 0
10 B 58ms
57ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E-bRBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 03:42:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 9F48 0
127 B 35ms
35ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Mar 2023 03:42:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50DB 42 B
64 B 94ms
93ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnegcITd72JK8kUnPUGk_cov1mtAkegeWeyHuTrBaXCeoFnUGCrFHk5qmlU_RvnM74DWPg4UH1NDDDDlpIv-BtuQg&sig=Cg0ArKJSzH63FHzGg6haEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2107069244&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679629377342&rpt=689&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C31 42 B
64 B 98ms
98ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusYgLSiRL_O5pqneuhTdAbuNyrVvXoZL8jP89iE816CNlLTX2AVCCOqg-Z9bpO3ruI9KRG40tVR39qGAwQoB0xqsAuDtcvXFkyapjXJqm1bQkWM7AXxxIkfTlvdyt0M8iyIO0wTA&sai=AMfl-YSi-1r9zCC7nGA7BpT1LE5DtxedU-lgdNcDZYrnbvpaTwE8ch9mMCfbudyXl6OnbIC5M4tE04aQhSTf&sig=Cg0ArKJSzI2AwDYAARXgEAE&cid=CAQSGwDUE5ymamVc2s7Bg2IX4ClWfhtEBo3ZRkKCDBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=81,724,1000,1015,1015&tos=81,643,276,15,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679629377779&rpt=372&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230322&jk=4197847872777902&bg=!GRqlGk7NAAbO2UOH7tk7ADkAdvg8WmAqM0YyYeURq00LCPKJEkonxpki4LufG8LHmPTiGjp-CFfNUp5kiBN6KlbNixcGGvzOz1YCAAAAWVIAAAACaAEHmQKiZvNXNJO6xomiqZMYSAfy0sKy9_Iw9MW4u9The0bPP-NJZ5wJbZ3Y2N4c3ZL9whsX0lJFSrNYFgbcs2cwRLav6MRGlQjbFtqCa2xoX0st5RToDx1WAsWoUMnbQ8_1mA3JVhvvmBYTGUJ2qzuvLeQt_tTd3AM2jmZqdof-4PkDrstq4WNbJoVLG3BTtNW78-aZlEHAQrecAEMh4ZFEJKUVOuOAv0zvJ1-hTomW2L9T4PQN0SwkoTp1GJfGLeteZ9HSNnbAEzwcqj-jfut0Vh5vsnFz4BZXSCGulpwUU6wFoFJJxyyDnYDZOEBd0zLLu1yxy3JR96q0k5hpEbBrKWg2GxbPTLcWa9JqRIhj5pCEgR8O0ugkA2liL1tUjGyZICRQWYQeRZvuYT1PXNTtU91uRQPsaXKxhgRselax_yznxtJ-bZQ6PGX326U_d0o3bR26VN9v6KP88iAJFcc1o3z4uaNsPnyVY8N2OmU5SJLakf05q2AogXqxgjgmlOGYftI_lfN5uXcYVpMirz6PYw7EllsW4e4Eclq5acjWymPiZMIRNuRo0BF3Qy3if2re3_VIRWvOvan4egKIJpCVhy_Y9NU3uyLkqwPlbun07T6ekU7e4qOnqeEr8r2yIERGMcQ7DuOXMDc_0Wct8E7k9sRrFjLKzQtbjJXZPceiL-r-FPhnHhs_0teH8D8iR3rKx1rHoIAy9_Ud2ZRR6lW868Z9M269WmPesysmzFd3N-4HoaqwfknYiSicga6Zm5sdnYg2YmKsvNui7gwckEWY0_eMPTg2Hke5oarA9m9_gVuLbAGEeYeh_XAUp9XL_6sfnh9UEZs3ia2UnBFY1uAW5u2vw7V14hiCfagO-KvDVZUAL49BVS9PbGKzaWT2fq3X8ED0hF0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9EE0 42 B
64 B 97ms
96ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuajYjAJIt-jkROhuX7skynivjMGniRdzHrNyhUdkq-5ZwEifwVOmPmEmuFktGmeN7s4kyjtvhng1CFc0RBN-h6EkEiQS-b2y_LvAl00B1XmVFLe30on21Rot6wqRp5Y37GczGtAw&sai=AMfl-YRLBLFqYfiAENDKQo6ShCxE61x-U5Wx4jjzTCdE_ewUlrFux5Ks66zZeolrvciCjIHzR9d4HcN_2pSp&sig=Cg0ArKJSzDRwtnpOPKPqEAE&cid=CAQSGwDUE5ymQdKa82ZgU5zpGgAYVlnhF05mSOKZ9hgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230322&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2742354776&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679629377337&rpt=1001&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 03:42:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
libgen.rocks/	1970-01-20 10:33:52	Name: adsenselg Value: show
libgen.rocks/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1rkghlnklvpe3oid6a0c2u64c4
.libgen.rocks/	1970-01-20 19:55:25	Name: __gads Value: ID=85223f11954e0c36-22b80432e0de000f:T=1679629377:RT=1679629377:S=ALNI_MYRRj689KNDSL84HX_uE-k_yveW9w
.libgen.rocks/	1970-01-20 19:55:25	Name: __gpi Value: UID=00000a2f97d41d1e:T=1679629377:RT=1679629377:S=ALNI_MZlTzhYSBU2oAPsztpHF0h5wLj6Ew
.libgen.rocks/	1970-01-20 10:33:51	Name: __cf_bm Value: dPmjcqZ3VW2UyeMH7Eo9C9Dkj8HROG5E71bjH6DDmPI-1679629377-0-ASnK+ukV7gIrG52W6gMUP7Czesd+TBMslYsHg9pw3j+JyOxNE/yXCrjA+5yqazkkjVpyPYkQUwl3QnV0cTU7uIElyVvlcm+heSvXZyQ0PftUxFOsn26TGF0axkSJCBXarw==
.doubleclick.net/	1970-01-20 19:55:25	Name: IDE Value: AHWqTUluDJPTENYadi3Q-wBnB8SNwxkhPj2dCaFkTjl4t-iflaiCb1aYBopuQtxAvzg

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F(Line 327) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F(Line 327) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F(Line 371) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://libgen.rocks/ads.php?md5=89D70F8C9274C34908E9445942230A7F(Line 371) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&h=600&slotname=2486455165&adk=2107069244&adf=1045922912&pi=t.ma~as.2486455165&w=300&lmt=1679629377&format=300x600&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D89D70F8C9274C34908E9445942230A7F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679629377135&bpp=3&bdt=629&idt=204&shv=r20230322&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6987284541904&frm=20&pv=1&ga_vid=1381947199.1679629377&ga_sid=1679629377&ga_hid=1383130847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1238&ady=131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C44773809%2C44786631&oid=2&pvsid=4197847872777902&tmod=283222136&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gRag7nTdox&p=https%3A//libgen.rocks&dtd=206 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-4139850031026202&fa=1&ifi=4&uci=a!4&xpc=ztRTghUkRN&p=https%3A//libgen.rocks Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.nl
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
code.jquery.com
csi.gstatic.com
csm.eu.criteo.net
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fertilisedshoe.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
libgen.lc
libgen.rocks
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.nl3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
173.233.137.44
178.250.1.6
2001:4860:4802:32::3
2001:4de0:ac18::1:a:2a
2606:4700:3036::ac43:c53e
2606:4700::6810:5714
2a00:1450:4001:800::200a
2a00:1450:4001:800::200e
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a02:2638:3::12
2a02:2638:3::9
2a02:2638::21
2a02:2638::3
89.248.170.56
00dcb39346473bc107ccf9c58b31b1651b87b2d84fb36027e9a48da7d9ce062f
08358bce6378f254f7d1429b1c5e40818d83b5bef754e81cc12586df4f7f95c6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439
164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf
1665e53681ca0c9d196425fb71f94996ef4a495a489c7dda67bead9799615d98
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2858652b7f5772f18a00a4aca0e7bf24cdd4eb266b6e0352379f746e1506b81c
29646e1e87a4e7554c28f8092144dcfde3ee2e5554ceb409ab8f1ab2003c5dea
2c8f2ca761223daf065247e3d0f0efe899730ec4054ab50da274e86fb56b3fe7
2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
356eef4354ee9f565222bebb778c4fd35afb5534da19f665a8d2dc75e0ccfc13
3926c1c05d02c2d063c684ff61d3d823806ea7a685826649b5a990dff99f886b
3d9837c8ce7fd34ff3c9092be72ddb53fa8b461733c11305fba513c24e39de62
446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4595ebc7f18fe395f4dcd12bc59257b9bcab8887f68fa913dae6939f07c26ce0
4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9
4a197c3e3e0ab7c776f7ac2cc13067555ee07e72a01a4fe3df740c9065b2fe19
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea14b08e2a0d17c12d77ae66531f59a1274447399849eb78ac6e54659a4b59f
5105ebe3e7f2a7d345edfa9306ec534f53e10e78bd75b0d17c1933438a2b97e0
5367fed12d98bf5ace551537fcc6d8298d558982b98d175eeb6347b384176a98
548c8dd17add858400abc916921a3109a5f864dabc765eb16ae54f14d5a76632
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5e1e0aa964169787f2f52253f3d0ace67f65da9c55d389965f088f114ea84d13
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620cfd06defd55acd0ac30232c76956beb0cda12ed3c90da7e56f04ab79bbd2f
637aa290c17fe54c2a25e4467ed8ec3c60c9edd2686fc333d81b37e2ae6aa8eb
64522eb8148039afa82855e4844c9326f3e4e490311fac27cae831f08cfdff76
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
725fc63c27a1a437f28625e22c2bf4cf82e5e4a5b310611c3d6869c7c12f7128
763a538ebac785c820d6ab3381f0357d87e8b458dcf6a56da9b4044eff23565b
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
855dfbae42eb6ae7faaa629932dad117408a1dbc5d5639295cbddbe201fd7503
87d20dd11b3d02c0505fa187f3fd0612ea5f83cbaa7696a2171c85cb434f76a3
8d3e8a01c5a77b4497a0234609f77a08628895da1611a3556f1256dbf0860b8d
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac6495fb522ab39728b1e97ee6d333e5205aca17f6b0da56f79d6c5dd1d60356
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af60ddc2e7e1a7f448f9b1da67a6ce5638ec4f3e5e468de96ae0d4de3bf2686a
b24349cbf240cb3c1eb3f35c18aaa36b8247916384f63b9f85179faf8b0772b3
b245ab42e4d6c83d0e32dd1d7699d6389eb3f9d528364023e0177f818817d3c8
b9b4d8fdab6c4ce14eecca674c5452412dd19656f94905fe3bf546b9d840b5b6
c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d03710fe70d0893e2188aa5774b78884846a9450262bc59ca1f6949804c9ab47
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b5753580de992cd3b18a968d9c6686c11240546a87d59db39991032bfbeda3
ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5bf5fa63093a50635a786282d7478ce545e66b07a7a7d0da2370c5c672d1c0a
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

libgen.rocks Open in urlscan Pro 2606:4700:3036::ac43:c53e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

99 %HTTPS

88 %IPv6

15 Domains

26 Subdomains

24 IPs

4 Countries

1241 kBTransfer

2838 kBSize

6 Cookies

23 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

libgen.rocks Open in urlscan Pro
2606:4700:3036::ac43:c53e Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

99 %
HTTPS

88 %
IPv6

15
Domains

26
Subdomains

24
IPs

4
Countries

1241 kB
Transfer

2838 kB
Size

6
Cookies

95 HTTP transactions
5 data transactions