libgen.rocks Open in urlscan Pro
2606:4700:3036::ac43:c53e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Effective URL:
https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Submission: On July 11 via manual (July 11th 2023, 7:59:46 am UTC) from AE — Scanned from NL

Summary HTTP 75 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 75 HTTP transactions. The main IP is 2606:4700:3036::ac43:c53e, located in United States and belongs to CLOUDFLARENET, US. The main domain is libgen.rocks. The Cisco Umbrella rank of the primary domain is 798580.
TLS certificate: Issued by GTS CA 1P5 on June 19th 2023. Valid for: 3 months.

This is the only time libgen.rocks was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	89.248.170.56 89.248.170.56	202425 (INT-NETWORK) (INT-NETWORK)
1 13	2606:4700:303... 2606:4700:3036::ac43:c53e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	173.233.139.164 173.233.139.164	7979 (SERVERS-COM) (SERVERS-COM)
12	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
75	19

2 89.248.170.56 (Amsterdam, Netherlands) 2 redirects

ASN202425 (INT-NETWORK, SC)

libgen.lc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3036::ac43:c53e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

libgen.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.233.139.164 (United States)

ASN7979 (SERVERS-COM, US)

fertilisedshoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 568 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7998 csm.eu.criteo.net — Cisco Umbrella Rank: 7838	129 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	59 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	289 KB
13	libgen.rocks 1 redirects libgen.rocks — Cisco Umbrella Rank: 798580	309 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	27 KB
4	fertilisedshoe.com fertilisedshoe.com — Cisco Umbrella Rank: 892973
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7742 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9055 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15453	58 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	39 KB
2	libgen.lc 2 redirects libgen.lc — Cisco Umbrella Rank: 786361	465 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	57 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	603 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	30 KB
75	12

	Domain	Requested by
13	libgen.rocks	1 redirects libgen.rocks
12	fundingchoicesmessages.google.com	libgen.rocks
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	libgen.rocks pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	static.criteo.net	ads.eu.criteo.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fertilisedshoe.com	libgen.rocks
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	libgen.rocks
2	libgen.lc	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	libgen.rocks
75	19

This site contains links to these domains. Also see Links.

Domain
libgenfrialc7tguyjywa36vtrdcplwpxaw43h6o63dmmwhvavo5rqqd.onion
phillm.net
libgen.rs
ftp.libgen.lc
libruslib.ucoz.com
b-ok.cc
sci-hub.ru
magzdb.org
nlr.ru
rsl.ru
loc.gov
comicvine.gamespot.com
cyberleninka.ru
lib.rus.ec
flibusta.net
goodreads.com
worldcat.org
wiki.archiveteam.org
www.reddit.com
pilimi.org
www.worldcat.org
www.goodreads.com
www.abebooks.com

Subject Issuer	Validity	Valid
libgen.rocks GTS CA 1P5	`2023-06-19` - `2023-09-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
fertilisedshoe.com R3	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Frame ID: 2F3A9A6E701780C14CB1D99DF07B8AC9
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html
Frame ID: A07F2DEF4DC3F5478C15AA10FBD5EFA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1689062380&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D10FF76C135F92B7F1D3A3B3D772F36CB&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689062380482&bpp=3&bdt=327&idt=238&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5889614030982&frm=20&pv=2&ga_vid=1757895224.1689062381&ga_sid=1689062381&ga_hid=1242947069&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31075758%2C31075811%2C31075823%2C31075972%2C44788441%2C44796477&oid=2&pvsid=1389311394136339&tmod=1201903711&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=260
Frame ID: D0C42BA9BF0A9EA711CCA767B3FFE607
Requests: 1 HTTP requests in this frame

Frame: https://libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: 374CA4B8C63EEC19A0A674B186A77C8B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7911899AFAABCC90C2A80B1B3DB991EA
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZK0L7AAM7HIGrRS3AAr0Ja6u92cEagjOE-vBpg&u=%7C7NCX9gesysYyCsGn8ep3yebZpwFRf5QZEap8byqWybc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9gX83Bwsauy06zFrm0Fi-YdF8b2H7kedDXe8GUf1AtZlNUjn3SuJPgZdYBlaqIuiYRK2i1ZJ0HLvmtqXBWyXEe_bj8L5x2GXVKYuGrFpQA8vRBD5XhxygCsEfZyzAP6GJems-Z_HTRk--261PU4EcLa4gBwX5wlFO6QmIjY2NmZ08_p1VRngRsR9AsBdTLQjhsjBrMwQcK9JizbvaEJqsIFPWgDxi2P_vlK15Uh_jyBVGxyxNfPUU6SJpcwKb8OkbECx236Zb9bUBbNO7z0Nh9wXekCvSdW_Z8Jyydzt6-t5BNDnxc4zAXHW4k2701dqN1fz4V0qiIuKXs51Ggyeo9DMJYSn-OtvWLnsHuDQdVZpvAsIMEJScuYHPx0elQSFXk_ZXu8sWv8Ap059WglzwVeqtqKZoJ3nvVk5rf05t7e3txKDSx1_vCjrs0m-ez57_83kVmkQtJMxx2yUwPs3WC4ns1SZbgQ3FdoEnMStdGsWAJ0PCSxeTg3FQ-qN15nJsItKpjDuXuwLWTBFG4wEzXHA0huQqfzaaPoXgpSoRewMLzdQ6XUCOlHxke8tnD-MM-ycFYmUoR39PlEVG9QvQhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvgxo7AutZPLYM7eptOUPpeirwAXJntKxXPWR3r6xAcCNtwEQASAAYK8FggEXY2EtcHViLTQxMzk4NTAwMzEwMjYyMDLIAQmpAud0FNX2e7I-qAMByAMCqgTFAU_QeD3Sj5hTVbVMqz_4b5vHswyWvJ5fqQ4GGcVgsDEIY85MlYc3BQtxu8n8qLdeXqnl2LhNSlN96oHwVfGB_0R7dT1VEN-ea9HKebrlBXlQvsQly4sX7dnCWHkLSCMUEylnpaQQ07npKOObcVcJxKP3LawAYfENWhDjVIitoDuqJjKeeG2cZGuWDpnZUA_rTW84XllPl2IjF6-UFCSAqTomkk1VT7hQHbK9BC_05132xMCTJ5Q1vN05Us7g2hMvno-bka49gAajiq2-1eDsyZoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1jJ3y-texF5TmBksRlVCG6dxulGA%26client%3Dca-pub-4139850031026202%26adurl%3D
Frame ID: 06F7F2917BF0FDB0807055CB71B27F07
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 941C654B2BAA0BCE99024A6CCD9D1499
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A0AA6CDD3CC380FC932A486141AA2A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Library Genesis

Page URL History Show full URLs

http://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB HTTP 307
https://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB HTTP 307
https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

75
Requests

99 %
HTTPS

84 %
IPv6

12
Domains

19
Subdomains

19
IPs

4
Countries

997 kB
Transfer

2261 kB
Size

6
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://libgenfrialc7tguyjywa36vtrdcplwpxaw43h6o63dmmwhvavo5rqqd.onion/
Title: TOR

Search URL Search Domain Scan URL

URL: https://phillm.net/libgen-stats-table.php
Title: Torrents status

Search URL Search Domain Scan URL

URL: http://libgen.rs/dbdumps/
Title: libgen.rs (gen.lib.rus.ec)

Search URL Search Domain Scan URL

URL: ftp://ftp.libgen.lc/upload/
Title: FTP

Search URL Search Domain Scan URL

URL: http://libruslib.ucoz.com/index/libgen_bibliotekar/0-5
Title: Libgen librarian for desktop

Search URL Search Domain Scan URL

URL: https://b-ok.cc/fulltext/
Title: Full text search

Search URL Search Domain Scan URL

URL: http://sci-hub.ru/
Title: Sci-hub

Search URL Search Domain Scan URL

URL: http://magzdb.org/
Title: Magzdb.org

Search URL Search Domain Scan URL

URL: http://nlr.ru/rlin/Periodika_rus.php
Title: РНБ

Search URL Search Domain Scan URL

URL: http://rsl.ru/
Title: РГБ

Search URL Search Domain Scan URL

URL: http://loc.gov/
Title: LOC

Search URL Search Domain Scan URL

URL: https://comicvine.gamespot.com/
Title: ComicVine

Search URL Search Domain Scan URL

URL: http://cyberleninka.ru/
Title: Cyberleninka

Search URL Search Domain Scan URL

URL: http://lib.rus.ec/
Title: Lib.rus.ec

Search URL Search Domain Scan URL

URL: http://flibusta.net/
Title: Flibusta.net

Search URL Search Domain Scan URL

URL: http://goodreads.com/
Title: Goodreads.com

Search URL Search Domain Scan URL

URL: http://worldcat.org/
Title: Worldcat.org

Search URL Search Domain Scan URL

URL: https://wiki.archiveteam.org/
Title: Archive team

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/libgen/
Title: Reddit

Search URL Search Domain Scan URL

URL: http://pilimi.org/
Title: Pilimi (Z-lib archives)

Search URL Search Domain Scan URL

URL: https://www.worldcat.org/search?qt=worldcat_org_bks&q=The%20Quantum%20Labyrinth%3A%20How%20Richard%20Feynman%20and%20John%20Wheeler%20Revolutionized%20Time%20and%20Reality&fq=dt%3Abks
Title: Search in WorldCat

Search URL Search Domain Scan URL

URL: https://www.goodreads.com/search?utf8=%E2%9C%93&query=The%20Quantum%20Labyrinth%3A%20How%20Richard%20Feynman%20and%20John%20Wheeler%20Revolutionized%20Time%20and%20Reality
Title: Search in Goodreads

Search URL Search Domain Scan URL

URL: https://www.abebooks.com/servlet/SearchResults?tn=The%20Quantum%20Labyrinth%3A%20How%20Richard%20Feynman%20and%20John%20Wheeler%20Revolutionized%20Time%20and%20Reality&pt=book&cm_sp=pan-_-srp-_-ptbook
Title: Search in AbeBooks

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB HTTP 307
https://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB HTTP 307
https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://libgen.rocks/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

75 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ads.php Show response
libgen.rocks/
Redirect Chain

http://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
https://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB

23 KB
8 KB

195ms
146ms

Document
text/html

2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a9e4bb2bb7af4756a7dd399ba1a0800d20de0d34855579d6d0fb156a99e71f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e4f82231d3937e8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 11 Jul 2023 07:59:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJFRLdmDBJ5iH%2FP2bUlVZ%2BafF5Bu0H3NIE5bO24LJkC37ZpJGChBjptIaU7gX7VC26ujItSXFXyN2qedLj7IptAPU5KlszVQekN6fBA%2BwRXg5tVYdiQMYaTmjfod%2Br2RDAAlZrRFqftAhL0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 164
Content-Type: text/html
Date: Tue, 11 Jul 2023 07:59:39 GMT
Location: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Server: nginx

GET
H2 200 bootstrap.min.css
libgen.rocks/css/ 157 KB
25 KB 56ms
55ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/bootstrap.min.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f859e98-27288"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bluhuX6joQnk5A6CQyXNmK7iEFXS5PunwOO5ORqnA0Jc74UHox%2BTC8bh7K%2BnIbE%2Fn7kJlGLJQKbQIRM0cEghIVN0ZjCfXPzhghqDEu3S9BoczcQLGwifRR%2F4FfSrVK%2FCXf4sxN5rSfmUBEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7e4f82240e3b37e8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H2 200 font.min.css
libgen.rocks/css/ 9 KB
2 KB 39ms
37ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/font.min.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356eef4354ee9f565222bebb778c4fd35afb5534da19f665a8d2dc75e0ccfc13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 09 Jun 2021 18:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60c104b1-25d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWXm1gjkuNxKudqsfPknvSbEROjemera9EqEU%2FyHVipJj2hL4xrAEmlX%2BBWM2Y34pN3tD3sLph%2BBLSYTG1mFRuSYs2uUWCqni5PWwSlMVmICj%2FtY54Z83D3G6Uc0%2BjasVaS4Pu35SQZpARY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7e4f82240e3c37e8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H2 200 dark-mode.css
libgen.rocks/css/ 294 B
422 B 34ms
34ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/dark-mode.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Apr 2021 06:48:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"608a56c4-126"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVW9sGFppdqxWiPXB7IVT0GDR0kzk7jrpj90M6fPfRK90yKg4U%2BD80eq7HVEx%2FObQlAtzETFkh%2BAWPrE99bwhp3W4XuciO6pEmrro61aVV55ZFiMt3kkKtNNh7bLEE6%2ByW1yvKRG4YSpupA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7e4f82244e8637e8-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 75ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1689062380.dop004.am5.t,1689062380.cds115.am5.hn,1689062380.cds004.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 115ms
66ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

042de207c43d7207b0cc7c3e09136e3376e857fd0b6107f52d25bec345f430f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48810
x-xss-protection: 0
server: cafe
etag: 2135883832531598964
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 07:59:40 GMT

GET
H/1.1 403
Forbidden d53e2728a6de1b6d59e60f5833fa9c3f.js
fertilisedshoe.com/d5/3e/27/ 0
0 975ms
99ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://fertilisedshoe.com/d5/3e/27/d53e2728a6de1b6d59e60f5833fa9c3f.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 11 Jul 2023 07:59:41 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 pub-4139850031026202 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 125ms
54ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-4139850031026202?ers=1

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6b288c273d1671346994b30c929b5735e5ae39950d7e75a4f315a86b901f11f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Tiiydf6bDatQrQqbxFHzDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Tiiydf6bDatQrQqbxFHzDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
libgen.rocks/img/ 2 KB
2 KB 61ms
60ms Image
image/png 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libgen.rocks/img/logo.png
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 30 May 2020 06:17:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ed1fa96-7b8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2aBXgmjGJSyo5l%2FuNzIVRd1QsYFDA6I%2BVv6DoLqIgI5jFg7trg%2FVRTCGP%2FO12w7XeUfn3PnIO4h8gS7gv9m0kg%2BVsEKrQ1NW%2F6yITCpE80n8eZfbqr%2BLqA8JNBYl9e9bSqzcC4u9PN9yNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7e4f82251ad11cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1976
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H3 200 dark-mode-switch.js Show response
libgen.rocks/js/ 3 KB
1 KB 63ms
63ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/dark-mode-switch.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 22 May 2021 16:34:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60a93285-b75"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEr409A4msybQ6UNcAE1fGomwiztB2EikU6zhJ7HWtmnmpWDteVMervn%2BOpv7lnckTwYqbUJYy68Nz1JBH1za4zvXDHSNGxX1fc0z1U%2FQJ2ClilWCDwx5JPnPY6dZbcT1UnHTq2pxWzznN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7e4f8224da7e1cb5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H3 200 10ff76c135f92b7f1d3a3b3d772f36cb.jpg
libgen.rocks/covers/2720000/ 256 KB
257 KB 172ms
171ms Image
image/jpeg 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libgen.rocks/covers/2720000/10ff76c135f92b7f1d3a3b3d772f36cb.jpg
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45c5f1ca282606103395dfe0b76b9ad7b6631ced43df0a00e590c2ffa24d777e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 12 Aug 2020 06:23:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "40013-5aca8397012c1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zC9aPNDvUog4SG4UJ7SgECxVmcrFMVtOJh1OqC5ILeFICv6MlPau5fW7AegvnHDtEb33qQFkr9sQr1cwxaHziIj4vXKZ3opYSWUQWd9C%2FkifXUe2p%2FIFILg%2F%2FXar5%2FUFf9RRYHAvWFsavYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7e4f82251ad21cb5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 262163
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H3 200 email-decode.min.js Show response
libgen.rocks/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://libgen.rocks/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 15:21:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a438ff-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCGqwA%2BjknWOe2ZvPB4JN%2Fmx2P7aCB1pl%2BgR33kQjhnObgju4CegP8U%2BYtXuhWqhuiLqYsQpPnVCL7Au%2B6xTfx%2Bmue81R3etecIWOKn%2FMXQRMCrCKSAI7OZ%2BadEGCUcQzw98y3rG6H6rmX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e4f82251acc1cb5-FRA
expires: Thu, 13 Jul 2023 07:59:40 GMT

GET
H3 200 popper.min.js Show response
libgen.rocks/js/ 19 KB
7 KB 44ms
43ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/popper.min.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 16 May 2021 04:13:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"60a09bf4-4ace"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1rT3FezemOv%2BBsQ5DSjc8hFStOvloWfoS%2BbaCFZzAI%2FySTkarAACairD3nnEpAC1eLamH4ejt13i2scXCZrRrdVOPsTPVIaygTTP1qm1qBZoNO92TguKd3xLnm02%2FwzCmmpKSjzeAlexSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7e4f82251acf1cb5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 62 KB
16 KB 61ms
13ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jul 2023 07:59:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 10177195
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-ams21049-AMS
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 64ms
16ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jul 2023 07:59:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7204612
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23383
x-served-by: cache-fra-eddf8230067-FRA, cache-ams21049-AMS
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 form-validation.js Show response
libgen.rocks/js/ 686 B
806 B 65ms
63ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/form-validation.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5f859e98-2ae"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQL2gU6oUgaa2J9cOfO37krPUdCNnX15hTtdVRj23muYLh4wcWxxgg3s2Q9uXV8DBO0nZsGJ43Yu%2FhT0kRfhFj2UeiPFPTWliQWYOI1%2B0E0x%2BBOy0OeZpanTdnR%2BsGH%2FVyCJvW9ar7cV%2F%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7e4f82251ad01cb5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 18 Jul 2023 07:59:40 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 344 KB
118 KB 144ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4139850031026202&plah=libgen.rocks&bust=31075972

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e1a9a9d9d4e35556c5f7f2bfe65e9bb57c5c55ffe3fd85d0e2dbb6531a52f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121069
x-xss-protection: 0
server: cafe
etag: 17179486460435860582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 07:59:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/ Frame A07F 10 KB
5 KB 65ms
18ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 43100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 20:01:20 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 20:01:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 75ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=libgen.rocks&callback=_gfp_s_&client=ca-pub-4139850031026202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4139850031026202&plah=libgen.rocks&bust=31075972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85cd130cdba937bb1f387fbc9dc3f3c1bda869e0930f99e4162516e1e31e512c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 75ms
27ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0C4 52 KB
18 KB 695ms
694ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1689062380&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D10FF76C135F92B7F1D3A3B3D772F36CB&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689062380482&bpp=3&bdt=327&idt=238&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5889614030982&frm=20&pv=2&ga_vid=1757895224.1689062381&ga_sid=1689062381&ga_hid=1242947069&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31075758%2C31075811%2C31075823%2C31075972%2C44788441%2C44796477&oid=2&pvsid=1389311394136339&tmod=1201903711&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=260

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68067965ecc19f5394625cc2688f766a8d5829a2b9e1ca59efde67ef15b5ca81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18103
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 07:59:41 GMT
expires: Tue, 11 Jul 2023 07:59:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUpDhrJ0rQFdfBpSUsJAkayyDBO5diHh_H4cd3LwcqhthTn1X0-QqN2hgoQC26js9xrwThU4CBmbBfqzh3xgXY= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUpDhrJ0rQFdfBpSUsJAkayyDBO5diHh_H4cd3LwcqhthTn1X0-QqN2hgoQC26js9xrwThU4CBmbBfqzh3xgXY=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg5MDYyMzgxLDIwNDAwMDAwMF0sIkEwMjNGM0U2LTIxQjQtNEUyQy1BNTVBLUZCNTA3QUI0RTQ0MCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vbGliZ2VuLnJvY2tzL2Fkcy5waHAiLG51bGwsW1s4LCJ1Y0FobXBWejdRQSJdLFs5LCJubCJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.ucAhmpVz7QA.es5.O/d=1/rs=AJlcJMxL-ktqoNQKLa_n5l2YZrk0FCmEvA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4bf4a5709aeaead162535918dcb5f5df7fd50e10e08f1175cdcc134104f9bd1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FCSPJ6zDbETN4cBkDBe0ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FCSPJ6zDbETN4cBkDBe0ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
fertilisedshoe.com/f8e9fd155acd00cc14b9fd3ab99deaee/ 0
0 99ms
98ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://fertilisedshoe.com/f8e9fd155acd00cc14b9fd3ab99deaee/invoke.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 11 Jul 2023 07:59:41 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/ 0
0 100ms
100ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 11 Jul 2023 07:59:41 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/ 0
0 99ms
98ms Script
application/javascript 173.233.139.164
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 11 Jul 2023 07:59:41 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ 154 KB
52 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/reactive_library_fy2021.js?bust=31075972

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b6d98d6ececa4766dde1fe30b0ff4bdc5ab6025436bd48f3f775b9b46f87ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53431
x-xss-protection: 0
server: cafe
etag: 13363488295215454599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 07:59:41 GMT

GET
H3

200

invisible.js Show response
libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame 374C
Redirect Chain

https://libgen.rocks/cdn-cgi/challenge-platform/scripts/invisible.js
https://libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

7 KB
4 KB

26ms
25ms

Script
application/javascript

2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB

Protocol

Server

2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34bd0aa8297253c1a89e44a0cea7d406ab680ec8e188de3ea8460c276b67ecc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqorOyhtOnvHk3MEFpGBWzgwBKLck5FG7s7RyJ%2Bjxa9cClmAlat5ueJqzD%2FsYpIu5aZksNcohqFC8PVJe%2FMl58m%2B2maaQQMXwDs9sdvezn3tViR04nemp%2FuZvXabDO9LYpAbY9oQWcabDJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7e4f822cebc91cb5-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 11 Jul 2023 07:59:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7Gor8QWuqmiR61feaOGTbMX15MCDewzkNhGJ6YMl9SkRHqprDWBucCAH%2BsiYFqJZAZAlnkB3pCEdE6%2BZpV%2FXhI%2B5u3Un8kqkyF29dszX%2F1yOB8EA8HF9qIF3E2q%2BZediHtOQvkaJDgCbh4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
cache-control: max-age=300, public
cf-ray: 7e4f822cab8f1cb5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/ Frame 7911 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 32595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 22:56:26 GMT
etag: 12368291122986407432
expires: Mon, 24 Jul 2023 22:56:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 06F7 197 KB
57 KB 127ms
71ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZK0L7AAM7HIGrRS3AAr0Ja6u92cEagjOE-vBpg&u=%7C7NCX9gesysYyCsGn8ep3yebZpwFRf5QZEap8byqWybc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9gX83Bwsauy06zFrm0Fi-YdF8b2H7kedDXe8GUf1AtZlNUjn3SuJPgZdYBlaqIuiYRK2i1ZJ0HLvmtqXBWyXEe_bj8L5x2GXVKYuGrFpQA8vRBD5XhxygCsEfZyzAP6GJems-Z_HTRk--261PU4EcLa4gBwX5wlFO6QmIjY2NmZ08_p1VRngRsR9AsBdTLQjhsjBrMwQcK9JizbvaEJqsIFPWgDxi2P_vlK15Uh_jyBVGxyxNfPUU6SJpcwKb8OkbECx236Zb9bUBbNO7z0Nh9wXekCvSdW_Z8Jyydzt6-t5BNDnxc4zAXHW4k2701dqN1fz4V0qiIuKXs51Ggyeo9DMJYSn-OtvWLnsHuDQdVZpvAsIMEJScuYHPx0elQSFXk_ZXu8sWv8Ap059WglzwVeqtqKZoJ3nvVk5rf05t7e3txKDSx1_vCjrs0m-ez57_83kVmkQtJMxx2yUwPs3WC4ns1SZbgQ3FdoEnMStdGsWAJ0PCSxeTg3FQ-qN15nJsItKpjDuXuwLWTBFG4wEzXHA0huQqfzaaPoXgpSoRewMLzdQ6XUCOlHxke8tnD-MM-ycFYmUoR39PlEVG9QvQhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvgxo7AutZPLYM7eptOUPpeirwAXJntKxXPWR3r6xAcCNtwEQASAAYK8FggEXY2EtcHViLTQxMzk4NTAwMzEwMjYyMDLIAQmpAud0FNX2e7I-qAMByAMCqgTFAU_QeD3Sj5hTVbVMqz_4b5vHswyWvJ5fqQ4GGcVgsDEIY85MlYc3BQtxu8n8qLdeXqnl2LhNSlN96oHwVfGB_0R7dT1VEN-ea9HKebrlBXlQvsQly4sX7dnCWHkLSCMUEylnpaQQ07npKOObcVcJxKP3LawAYfENWhDjVIitoDuqJjKeeG2cZGuWDpnZUA_rTW84XllPl2IjF6-UFCSAqTomkk1VT7hQHbK9BC_05132xMCTJ5Q1vN05Us7g2hMvno-bka49gAajiq2-1eDsyZoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1jJ3y-texF5TmBksRlVCG6dxulGA%26client%3Dca-pub-4139850031026202%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f67a8224071ae4637d61ff7369eca36307ed440ee06036787d627ef2eab87217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 07:59:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mas5cZ8bUiraXnecuyJDM41LkMF2WnNDqLbUBPnPYB4pM3rcXFFol5q0NTcVcI39smc_RHG9CtNJitOD0RacrqBuEHTPhDSjeLzuXusRykpCTJdmfAYDzuEE42xJ2PGIPlNaF16Xsx45_t3Llz3L2YRnTstUyhDyGNtVq7jTqUS15GBeBMLAhSAqAX2x1vx8i8uNwntlB8TXEWFIH3uBjbPlhk0aB1UKlYis0zvB58cHA30fjD6CLd-zsIMWH8taFCgbng"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56375039
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 7911 3 KB
1 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 7911 20 KB
9 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 17:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:54:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7911 179 KB
57 KB 158ms
111ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57331
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688990556196721"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 07:59:41 GMT

POST
H3 200 7e4f82231d3937e8 Show response
libgen.rocks/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 374C 0
578 B 40ms
39ms XHR
text/plain 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/g/cv/result/7e4f82231d3937e8
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40NPGvY3twC7I2kII2mCXoxEjwtOPZpoQqM%2FY0eOq8gZP%2FRFx9ExRLtZJ6BbJTFqTa1PcLuTCEtrqfV4UtPA9SoE6tk2IwYA%2Bc%2B%2Fx6EHdzspPDaZ7f12ZKqfnJIzQmLKjxgrl69YUOJ77hY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7e4f822dbcb01cb5-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 7911 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca41f1d0152e00a99d14f3cae7e6c657a3767b23d6ef66f1ee5ba50613b96ddb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 06F7 2 KB
1 KB 76ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZK0L7AAM7HIGrRS3AAr0Ja6u92cEagjOE-vBpg&u=%7C7NCX9gesysYyCsGn8ep3yebZpwFRf5QZEap8byqWybc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9gX83Bwsauy06zFrm0Fi-YdF8b2H7kedDXe8GUf1AtZlNUjn3SuJPgZdYBlaqIuiYRK2i1ZJ0HLvmtqXBWyXEe_bj8L5x2GXVKYuGrFpQA8vRBD5XhxygCsEfZyzAP6GJems-Z_HTRk--261PU4EcLa4gBwX5wlFO6QmIjY2NmZ08_p1VRngRsR9AsBdTLQjhsjBrMwQcK9JizbvaEJqsIFPWgDxi2P_vlK15Uh_jyBVGxyxNfPUU6SJpcwKb8OkbECx236Zb9bUBbNO7z0Nh9wXekCvSdW_Z8Jyydzt6-t5BNDnxc4zAXHW4k2701dqN1fz4V0qiIuKXs51Ggyeo9DMJYSn-OtvWLnsHuDQdVZpvAsIMEJScuYHPx0elQSFXk_ZXu8sWv8Ap059WglzwVeqtqKZoJ3nvVk5rf05t7e3txKDSx1_vCjrs0m-ez57_83kVmkQtJMxx2yUwPs3WC4ns1SZbgQ3FdoEnMStdGsWAJ0PCSxeTg3FQ-qN15nJsItKpjDuXuwLWTBFG4wEzXHA0huQqfzaaPoXgpSoRewMLzdQ6XUCOlHxke8tnD-MM-ycFYmUoR39PlEVG9QvQhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvgxo7AutZPLYM7eptOUPpeirwAXJntKxXPWR3r6xAcCNtwEQASAAYK8FggEXY2EtcHViLTQxMzk4NTAwMzEwMjYyMDLIAQmpAud0FNX2e7I-qAMByAMCqgTFAU_QeD3Sj5hTVbVMqz_4b5vHswyWvJ5fqQ4GGcVgsDEIY85MlYc3BQtxu8n8qLdeXqnl2LhNSlN96oHwVfGB_0R7dT1VEN-ea9HKebrlBXlQvsQly4sX7dnCWHkLSCMUEylnpaQQ07npKOObcVcJxKP3LawAYfENWhDjVIitoDuqJjKeeG2cZGuWDpnZUA_rTW84XllPl2IjF6-UFCSAqTomkk1VT7hQHbK9BC_05132xMCTJ5Q1vN05Us7g2hMvno-bka49gAajiq2-1eDsyZoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1jJ3y-texF5TmBksRlVCG6dxulGA%26client%3Dca-pub-4139850031026202%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Jul 2024 07:59:41 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 06F7 2 KB
1 KB 73ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Jul 2024 07:59:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 06F7 308 B
637 B 71ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 Jul 2024 07:59:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 06F7 293 B
621 B 71ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 05 Jul 2024 07:59:41 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 06F7 43 B
348 B 69ms
19ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=dV6IJOH9bikKc3lTtf3z9y9qYg-tuu8BYkQvETS47B-61ilkEfcf9gkonXuO8iUrZ8erCRFi_G709NxzsQtF4KVw7-TIYsFfcNrYOxM1zPp0MdwCFVI42fM_jauqNt5E6QbBUWoJaywvJHBYGfIW_I0Xfv56xPahODKrxb12uSsGE3RuEMGI5P4FKMtTF4FoyjaXBQkBHCOjSU9-oZiBKDwAjFrX0vZgNI1UQFqLTecRkS89BvM-LdQOif3lzt4XuAaOy0GT85BtJvt0sIjJDMUhB0LkzYLy7rXhZJf0a5_waEZoOcfnyN9VdxKyP_xT8bEVt7_UKb-ySzMfKWZztoWXhmla_acrv90NbUDEhQibjtaDTTMWgTOhTOG3Cd6XCnGv_HjMFeI4iKzub-PPzhzhE2JkV2ow1L6SGhkMMqK--_oA9Xcp-dJSsGIvBG3tDpChtA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1769607
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 06F7 12 KB
6 KB 49ms
21ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Jul 2024 07:59:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 6 KB
6 KB 130ms
45ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=23584&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F23584%2F220203%2Fa6370e846aab4acaa9f85c1a5f58c6ad_logo_fonteyn-2x.png&v=3&w=196&s=gPwTSK5f-WbdjZqyOHOn2gl6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c7475770083e0a6676e554c9d74c95fa268942be74384bd5d036d5e3fc8d32b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 5926
expires: Sun, 16 Jun 2024 05:08:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 26 KB
26 KB 137ms
53ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fm%2Fo%2Fmoonlight-spa-top.jpg&v=3&w=800&s=xGTu50q6du0RvFzeoGVbgHER&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

55f85df3c9d8f50a2eab5b6722e3bf7244ec8b8ab936625c399d1ab34581a0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 26442
expires: Fri, 31 May 2024 10:04:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 8 KB
8 KB 152ms
68ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fw%2Fa%2Fwalvis-grijs-07-led.jpg&v=3&w=800&s=p3ubyjF2IXP-KLg4l-NvtuXc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

123f418baecc0666a20ad91a62228512c157cda3e9916b85206fffd26fe75dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 7778
expires: Mon, 17 Jun 2024 16:45:58 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 7 KB
7 KB 129ms
44ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fm%2Fa%2Fmallorca_luxury_2.jpg&v=3&w=800&s=52ISu4uYEqGIFb8IN2kPXBRR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

23c741adb504025c38efb6b8bb9a1ad76d9f3fa10265befa2f8af36f2dc2cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6718
expires: Tue, 18 Jun 2024 20:15:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 14 KB
14 KB 162ms
78ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fu%2Fl%2Fultra-spa_1.jpg&v=3&w=800&s=_4uicVNJXsvW987Kf0JkAle1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

18eb63be7656c2ad2f249f217dcd2e4eaa75e11e5b61e92c45499564bcd27dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13896
expires: Tue, 18 Jun 2024 18:05:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 8 KB
8 KB 156ms
72ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fm%2Fi%2Fmiamivrijstaand.jpg&v=3&w=800&s=38Yvjx5Ec8QqK6f_bKN2-Knz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fecbd40e01876136ad73e121c6bb9c410bf4df53caff7a49793960304f9020e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 8296
expires: Wed, 19 Jun 2024 09:51:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 22 KB
22 KB 40ms
39ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fc%2Fa%2Fcategory-spa-blackburn-100328-31.jpg&v=3&w=800&s=GJINQgiQr06ygmim8th-rYP4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6350de53c5981052153e5b1b0b20c303e6cbc5b1cbe3ddd00a01840500ba3cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 22448
expires: Fri, 31 May 2024 10:24:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 6 KB
6 KB 34ms
33ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fw%2Fs%2Fws-s06m-.jpg&v=3&w=800&s=7hwJn-sdzE9VNKOnijbFN9Yn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61e28ad286f8d09dc7db761079ac508f7f9657155063ce3863285078322bcfc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 5702
expires: Tue, 18 Jun 2024 13:59:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 7 KB
7 KB 45ms
44ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fs%2Fp%2Fspa-excite-1.jpg&v=3&w=800&s=htJfrrGEgDzF2W9TcnfCRL-D&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5b0b3fd5942093375864e3006fe72ed16c2a270823421ae22993d4cef9044e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 7332
expires: Sun, 16 Jun 2024 06:58:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 06F7 14 KB
14 KB 49ms
48ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=23584&q=80&r=0&u=https%3A%2F%2Fwww.fonteynspas.com%2Fmedia%2Fcatalog%2Fproduct%2Fv%2Fi%2Fvilleroy-en-boch-spa-a8d-top-view.jpg&v=3&w=800&s=1YTi6uRXKB27HUGAsS0K1EXk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

36cc76ca61ea2c86067e1aaf5baea0b75057968a21ed2bb568e4f8e26587f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 13908
expires: Thu, 20 Jun 2024 09:41:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 06F7 0
128 B 75ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mas5cZ8bUiraXnecuyJDM41LkMF2WnNDqLbUBPnPYB4pM3rcXFFol5q0NTcVcI39smc_RHG9CtNJitOD0RacrqBuEHTPhDSjeLzuXusRykpCTJdmfAYDzuEE42xJ2PGIPlNaF16Xsx45_t3Llz3L2YRnTstUyhDyGNtVq7jTqUS15GBeBMLAhSAqAX2x1vx8i8uNwntlB8TXEWFIH3uBjbPlhk0aB1UKlYis0zvB58cHA30fjD6CLd-zsIMWH8taFCgbng&sds=2&rev=87360&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 06F7 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 Jul 2024 07:59:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7911 0
23 B 62ms
62ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_CvM7AutZPLYM7eptOUPpeirwAXJntKxXPWR3r6xAcCNtwEQASAAYK8FggEXY2EtcHViLTQxMzk4NTAwMzEwMjYyMDLIAQmpAud0FNX2e7I-qAMByAMCqgTCAU_QeD3Sj5hTVbVMqz_4b5vHswyWvJ5fqQ4GGcVgsDEIY85MlYc3BQtxu8n8qLdeXqnl2LhNSlN96oHwVfGB_0R7dT1VEN-ea9HKebrlBXlQvsQly4sX7dnCWHkLSCMUEylnpaQQ07npKOObcVcJxKP3LawAYfENWhDjVIitoDuqJjKeeG2cZGuWDpnZUA_rTW84XllPl2IjF6-UFGaCiKihHdFG8CREvmKAotf981dAzu6LpSD9gXvL7dDMwpaFGpwkgAajiq2-1eDsyZoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MTM5ODUwMDMxMDI2MjAyGAA&sigh=8q7KLGIt44M&uach_m=[UACH]&cid=CAQSGwBpAlJW_dTRGoGYvT7aiS2KtiDm_y29jlfSmxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Jul 2023 07:59:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Jul 2023 07:59:41 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 7911 0
126 B 87ms
23ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kJK5Erz6RO0HfJ2DYgICAAAAVXNMTbhGZ7sQ7AutZB7IExTlsy4J1dMAABIAAAoKQVFVQkR3RVBEdw&wp=ZK0L7AAM7HIGrRS3AAr0Ja6u92cEagjOE-vBpg&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 175941
server: Kestrel
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 71ms
70ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230706&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d9fd4d62d2f3bea39441aa1f818b9d64f0bb347eb3aff5287f9036d8245d1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11751
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 07:59:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 941C 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 55884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jul 2023 16:28:18 GMT
expires: Tue, 09 Jul 2024 16:28:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3A0A 783 B
1 KB 82ms
36ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64213b662ad4b2b50c20b90519092b705f0ae65b85a3af89fab698c076486ed4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s3a3aBO1WnRm5josbPmPRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-s3a3aBO1WnRm5josbPmPRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jul 2023 07:59:42 GMT
expires: Tue, 11 Jul 2023 07:59:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 941C 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 06:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jul 2024 06:53:22 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 76ms
76ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.850387148933537

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AKTxIVTuw6nAz3wDCitHXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-AKTxIVTuw6nAz3wDCitHXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.115994864232783

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-ybMSJnI4odSgiH1z7rW_ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-ybMSJnI4odSgiH1z7rW_ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3A0A 0
0 53ms
53ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230706&jk=1389311394136339&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 941C 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zvplJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
30ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-x0N_SbLkOguBFFHwrKNtKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-x0N_SbLkOguBFFHwrKNtKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://libgen.rocks
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230706&jk=1389311394136339&bg=!19Sl1IDNAAb90kgr3dI7ADkAdvg8WvWLwP9cMVKscDGmq5vEwF-Y78e3YStNDPioPiovO8MGBKtX8UTG0ng_MoJpPg_ZpUZLtw8CAAAAiVIAAAAKaAEHmQKg5XnQDdJQU0US345MYBWQe_oUj-c1YJAsVibUxKb8O7xdgrHzpn036lG4DftYoEWImcLecc0tfGtOaNdZdFZR4x48dKV1aeWw9ix3TyER5r6bqV9RCbBv-LLzwlPsDexHzo_9k1FX8LhW3zJ9u7u2gT49VokVtzKWelk-fPAu0Rf8y-LvxK-EbGtl_5Pgp9km1RHycxH_FIP4cpOw-w4Dz3pc8QMNvSPPauqcM7m7RuqVtAhFE-ukrodTpnC01l8bDG6UlPRL1CSQuhLO9VgAxaN4u3Rt1Annp7qU8988mI1Sq0HR8UQflHuekPhfQDuq6BBceQuq4oLrbgk1LjmeugP_TwouUU3bUPgEhzIc0Pwy4sMIOCZd2ZEEmaH9JimSUHM8z3sb0SW3MGrJaL95AeFA5B5lzxWr48yXKEPe4n8QsPCMTIsu4Yy4sk0mU3ZDeAHI81KJgvGs1-AyHj14PMixMSVE1rkqNGKKj_qCgxYm_OXz0sG67kxH3dXFEfpqPL08dOKsNZuNLgsIpDPn7BCRZIssoOrfQGyMAx2ocz0Po3WJUtYVSeSPuu9BazMDvJG7aPq1la5__f3TNvGWJoie_I-fWokCvpwxgJY4eChVDL3NvUZENho7QWvpczhvYkJymde04UUFzRky7Oo4MlXk6pY3boHM6HMp6QBCiTzI0q8DA2pf-er3L4iH6pjAsI4Yyr9auDMJc3kk-sBzpwFFevSRAUCBbWZuPZ_n1cC8PQWeVIyLKZwGN__JhG8dtgQTOpsv0qVIDTUP04C4k8DT2PHIlCNqORBQ8cB39t6ggWN-SEIo-TR_3Fj1SL27Y1UvIJP5xDmuyCCLjqkhD8LulZ4fDsPUqbSzEJsskOUXB1pOWlzVNTbIrDZE46Nz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7911 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteLEiU7EqkEjAT-XZ9_BAJDPfN97qnN3CyEAT3nkGoFDX0VTPhl8UlaRBzidtysEYkIIuxWysRNjKDw61ulDj15XC-&sig=Cg0ArKJSzKloqCUezCiQEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1096,1096&tos=83,683,234,96,0&v=20230710&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689062381558&rpt=272&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jul 2023 07:59:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 06F7 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 11 Jul 2023 07:59:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 pagead46. Show response
fundingchoicesmessages.google.com/f/AGSKWxWpjdPGnyJNF3Xf2cFHDKh3e-AjfR8xc2Xph9mXcUs1mdVnzv4GyPgbcpk42D9B_ylt7GDf5KbTKbs8_XxPbs_GpBNDXizAEXgDlf7llLxJOccwabPqeiZdogqfpxfHUiF6SUSYJ-EgrrUgd3FYlMY0T68b_... 54 B
109 B 40ms
39ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWpjdPGnyJNF3Xf2cFHDKh3e-AjfR8xc2Xph9mXcUs1mdVnzv4GyPgbcpk42D9B_ylt7GDf5KbTKbs8_XxPbs_GpBNDXizAEXgDlf7llLxJOccwabPqeiZdogqfpxfHUiF6SUSYJ-EgrrUgd3FYlMY0T68b_2CoPHp3nc1tWUOssdPD2rttwbgb1VKY/_/ad_parts._120x240.-api.adyoulike.com&advertiserid=/pagead46.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.ucAhmpVz7QA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxL-ktqoNQKLa_n5l2YZrk0FCmEvA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

426d24da68cc47e2dba7fee18945767c6c09bf1e22c0a6c33526c107fd38faf8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pNcPLWTOB99Ngu0HreOJOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pNcPLWTOB99Ngu0HreOJOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 62 KB
23 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8cebe2c8762199df0e2ae5d1d08a16443de2e329b24c405c0e46ccee37606c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23838
x-xss-protection: 0
server: cafe
etag: 15928618024271732548
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jul 2023 08:57:10 GMT

POST
H3 204 AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 31ms
31ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YfqxVFkUWw4fAU4TXvLDGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 07:59:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-YfqxVFkUWw4fAU4TXvLDGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://libgen.rocks
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 38ms
37ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nArlTsQhg0h4YVdU4vKdqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 07:59:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nArlTsQhg0h4YVdU4vKdqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://libgen.rocks
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 31ms
31ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X9Fl71tP5NF-JCxfs2kMeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 07:59:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-X9Fl71tP5NF-JCxfs2kMeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://libgen.rocks
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 41ms
41ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oK_z9NnFVm5u75Lxj-mO5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 07:59:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oK_z9NnFVm5u75Lxj-mO5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://libgen.rocks
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUCg980_wusoxjTJxnml5sRWjdBaO0uPEpIe0akHUdCL9-2KPgpVb8gfk16NWB8ESBL53gNm9koqnta3D4_4FVeSBSSDD4xZ8Q5khzfnYuUfQ6yWMI6uRU9EP3KfQz5WWU_vDjHpw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUCg980_wusoxjTJxnml5sRWjdBaO0uPEpIe0akHUdCL9-2KPgpVb8gfk16NWB8ESBL53gNm9koqnta3D4_4FVeSBSSDD4xZ8Q5khzfnYuUfQ6yWMI6uRU9EP3KfQz5WWU_vDjHpw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg5MDYyMzgzLDYwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDZdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2xpYmdlbi5yb2Nrcy9hZHMucGhwIixudWxsLFtbOCwidWNBaG1wVno3UUEiXSxbOSwibmwiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3c6d65655a764cda683a50c2031dccf089b3eb12318207eb01b5e9e9e542059a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uKoctnPdO0eSqgtNQvokSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:59:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uKoctnPdO0eSqgtNQvokSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXv82cvPp8k6AH7qUoZ7tLTbmznDFH-GaIRfeLqYbDqCX0YnyB45lytFNt3AOL2YWv9dvSpIHSBaI2b6N5FxLE0vWXov_W1SEm4D1vdhKy96yQFsAGNmHiN41MVM3kFGjpWm129Fg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 34ms
34ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXv82cvPp8k6AH7qUoZ7tLTbmznDFH-GaIRfeLqYbDqCX0YnyB45lytFNt3AOL2YWv9dvSpIHSBaI2b6N5FxLE0vWXov_W1SEm4D1vdhKy96yQFsAGNmHiN41MVM3kFGjpWm129Fg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1yf8GQkInzm_Tp78IgOspA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Jul 2023 07:59:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1yf8GQkInzm_Tp78IgOspA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://libgen.rocks
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
libgen.rocks/	1969-12-31 23:59:59	Name: PHPSESSID Value: ujnl05me7e5aatkrc55uh84tsa
.libgen.rocks/	1970-01-20 22:32:38	Name: __gads Value: ID=748a6e3f7a9d6a7c-22efd81126de0031:T=1689062380:RT=1689062380:S=ALNI_MaCO8yEcReFMOTqRpaLt9MGdEAwpA
.libgen.rocks/	1970-01-20 22:32:38	Name: __gpi Value: UID=00000c3ba799cbf8:T=1689062380:RT=1689062380:S=ALNI_MZCpuxh10ioMpJDcg8tMw9eg_EKIQ
.libgen.rocks/	1970-01-20 13:11:04	Name: __cf_bm Value: YLrUgafIwtE402nyAvYiURETRcmZNXCq31sJTxE_9Ro-1689062381-0-AfGIvKYg9s57Jzfqwm/eMXDOeoeK2AS8rXMpyCZ+oOytgQPXeYwPOreeoGqyZuDlaQ==
.doubleclick.net/	1970-01-20 22:32:38	Name: IDE Value: AHWqTUnjGhqlSkmJk658JyyyUeow9TT5nUstHZS8x3qt7doIecZKO2VNuLejT-RYDX0
.libgen.rocks/	1970-01-20 21:56:38	Name: FCNEC Value: %5B%5B%22AKsRol9LTp-M8WSraCR66Eq57I_bN-To6PV-B-bwjHcx2mmG5sCHq2eIVLKzYICKVDiRNaSySbqMmxQTcVsWHFOfkSUj9dsPrvjCcJxHTspqALE3DXwrYSCKXjP6mbNM9XVSPT5q-zSJAo9ShJWy7369htNhTW0gSA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fertilisedshoe.com/d5/3e/27/d53e2728a6de1b6d59e60f5833fa9c3f.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB(Line 320) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/f8e9fd155acd00cc14b9fd3ab99deaee/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB(Line 320) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/f8e9fd155acd00cc14b9fd3ab99deaee/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://fertilisedshoe.com/f8e9fd155acd00cc14b9fd3ab99deaee/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB(Line 330) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB(Line 330) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB(Line 374) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB(Line 374) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
code.jquery.com
csm.eu.criteo.net
fertilisedshoe.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
libgen.lc
libgen.rocks
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.fr3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
173.233.139.164
178.250.1.6
2001:4de0:ac18::1:a:3a
2606:4700:3036::ac43:c53e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::13
2a02:2638:d::c
2a04:4e42:600::485
89.248.170.56
042de207c43d7207b0cc7c3e09136e3376e857fd0b6107f52d25bec345f430f2
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439
123f418baecc0666a20ad91a62228512c157cda3e9916b85206fffd26fe75dbb
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18eb63be7656c2ad2f249f217dcd2e4eaa75e11e5b61e92c45499564bcd27dfd
23c741adb504025c38efb6b8bb9a1ad76d9f3fa10265befa2f8af36f2dc2cb03
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34bd0aa8297253c1a89e44a0cea7d406ab680ec8e188de3ea8460c276b67ecc9
356eef4354ee9f565222bebb778c4fd35afb5534da19f665a8d2dc75e0ccfc13
36cc76ca61ea2c86067e1aaf5baea0b75057968a21ed2bb568e4f8e26587f6ed
3c6d65655a764cda683a50c2031dccf089b3eb12318207eb01b5e9e9e542059a
426d24da68cc47e2dba7fee18945767c6c09bf1e22c0a6c33526c107fd38faf8
45c5f1ca282606103395dfe0b76b9ad7b6631ced43df0a00e590c2ffa24d777e
4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f85df3c9d8f50a2eab5b6722e3bf7244ec8b8ab936625c399d1ab34581a0d4
5b0b3fd5942093375864e3006fe72ed16c2a270823421ae22993d4cef9044e0b
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e28ad286f8d09dc7db761079ac508f7f9657155063ce3863285078322bcfc8
6350de53c5981052153e5b1b0b20c303e6cbc5b1cbe3ddd00a01840500ba3cbb
64213b662ad4b2b50c20b90519092b705f0ae65b85a3af89fab698c076486ed4
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
68067965ecc19f5394625cc2688f766a8d5829a2b9e1ca59efde67ef15b5ca81
6e1a9a9d9d4e35556c5f7f2bfe65e9bb57c5c55ffe3fd85d0e2dbb6531a52f2d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
79cbf9d3dc9d8df1616dd585c95022e1104e8b2700974ba07a9c1a26187bf3e3
7b6d98d6ececa4766dde1fe30b0ff4bdc5ab6025436bd48f3f775b9b46f87ad0
7d9fd4d62d2f3bea39441aa1f818b9d64f0bb347eb3aff5287f9036d8245d1b8
85cd130cdba937bb1f387fbc9dc3f3c1bda869e0930f99e4162516e1e31e512c
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b4bf4a5709aeaead162535918dcb5f5df7fd50e10e08f1175cdcc134104f9bd1
b8cebe2c8762199df0e2ae5d1d08a16443de2e329b24c405c0e46ccee37606c2
c7475770083e0a6676e554c9d74c95fa268942be74384bd5d036d5e3fc8d32b6
c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591
ca41f1d0152e00a99d14f3cae7e6c657a3767b23d6ef66f1ee5ba50613b96ddb
d2a9e4bb2bb7af4756a7dd399ba1a0800d20de0d34855579d6d0fb156a99e71f
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b288c273d1671346994b30c929b5735e5ae39950d7e75a4f315a86b901f11f
ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67a8224071ae4637d61ff7369eca36307ed440ee06036787d627ef2eab87217
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fecbd40e01876136ad73e121c6bb9c410bf4df53caff7a49793960304f9020e4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

libgen.rocks Open in urlscan Pro 2606:4700:3036::ac43:c53e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

84 %IPv6

12 Domains

19 Subdomains

19 IPs

4 Countries

997 kBTransfer

2261 kBSize

6 Cookies

23 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

libgen.rocks Open in urlscan Pro
2606:4700:3036::ac43:c53e Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

84 %
IPv6

12
Domains

19
Subdomains

19
IPs

4
Countries

997 kB
Transfer

2261 kB
Size

6
Cookies

75 HTTP transactions
1 data transactions