libgen.rocks
2606:4700:3036::ac43:c53e
Public Scan
Effective URL: https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Submission: On July 11 via manual from AE — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on June 19th 2023. Valid for: 3 months.
This is the only time libgen.rocks was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Hostname | ASN |
---|---|
pagead2.googlesyndication.com | ASN15169 (GOOGLE, US) |
fundingchoicesmessages.google.com | ASN15169 (GOOGLE, US) |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) |
partner.googleadservices.com | ASN15169 (GOOGLE, US) |
tpc.googlesyndication.com | ASN15169 (GOOGLE, US) |
www.googletagservices.com | ASN15169 (GOOGLE, US) |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
18 | criteo.net | | static.criteo.net — Cisco Umbrella Rank: 568; imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7998; csm.eu.criteo.net — Cisco Umbrella Rank: 7838 | 129 KB |
15 | google.com | | fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670; adservice.google.com — Cisco Umbrella Rank: 113; www.google.com — Cisco Umbrella Rank: 10 | 59 KB |
14 | googlesyndication.com | | pagead2.googlesyndication.com — Cisco Umbrella Rank: 135; tpc.googlesyndication.com — Cisco Umbrella Rank: 160 | 289 KB |
13 | libgen.rocks | 1 redirects | libgen.rocks — Cisco Umbrella Rank: 798580 | 309 KB |
4 | doubleclick.net | | googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 | 27 KB |
4 | fertilisedshoe.com | | fertilisedshoe.com — Cisco Umbrella Rank: 892973 | |
3 | criteo.com | | ads.eu.criteo.com — Cisco Umbrella Rank: 7742; cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9055; rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15453 | 58 KB |
2 | jsdelivr.net | | cdn.jsdelivr.net — Cisco Umbrella Rank: 368 | 39 KB |
2 | libgen.lc | 2 redirects | libgen.lc — Cisco Umbrella Rank: 786361 | 465 B |
1 | googletagservices.com | | www.googletagservices.com — Cisco Umbrella Rank: 205 | 57 KB |
1 | googleadservices.com | | partner.googleadservices.com — Cisco Umbrella Rank: 1129 | 603 B |
1 | jquery.com | | code.jquery.com — Cisco Umbrella Rank: 749 | 30 KB |
75 | 12 |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
13 | libgen.rocks | 1 redirects | libgen.rocks |
12 | fundingchoicesmessages.google.com | | libgen.rocks |
10 | imageproxy.eu.criteo.net | | ads.eu.criteo.com |
9 | pagead2.googlesyndication.com | | libgen.rocks, pagead2.googlesyndication.com, tpc.googlesyndication.com, www.googletagservices.com |
6 | static.criteo.net | | ads.eu.criteo.com |
5 | tpc.googlesyndication.com | | googleads.g.doubleclick.net, pagead2.googlesyndication.com, tpc.googlesyndication.com |
4 | googleads.g.doubleclick.net | | pagead2.googlesyndication.com, googleads.g.doubleclick.net |
4 | fertilisedshoe.com | | libgen.rocks |
2 | csm.eu.criteo.net | | ads.eu.criteo.com |
2 | adservice.google.com | | pagead2.googlesyndication.com |
2 | cdn.jsdelivr.net | | libgen.rocks |
2 | libgen.lc | 2 redirects | |
1 | www.google.com | | tpc.googlesyndication.com |
1 | rtb.fr3.eu.criteo.com | | googleads.g.doubleclick.net |
1 | cat.nl3.eu.criteo.com | | ads.eu.criteo.com |
1 | www.googletagservices.com | | googleads.g.doubleclick.net |
1 | ads.eu.criteo.com | | googleads.g.doubleclick.net |
1 | partner.googleadservices.com | | pagead2.googlesyndication.com |
1 | code.jquery.com | | libgen.rocks |
75 | 19 |
Subject | Issuer | Validity | Valid |
---|---|---|---|
libgen.rocks | GTS CA 1P5 | 2023-06-19 - 2023-09-17 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
fertilisedshoe.com | R3 | 2023-07-05 - 2023-10-03 | 3 months |
*.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year |
*.googleadservices.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
*.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-13 - 2023-08-10 | 3 months |
tpc.googlesyndication.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-27 - 2023-08-27 | 3 months |
*.nl3.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-18 - 2023-08-18 | 3 months |
*.eu.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-07 - 2023-08-30 | 3 months |
*.fr3.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-03 - 2023-08-27 | 3 months |
www.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
This page contains 8 frames:
Primary Page:
https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB
Frame ID: 2F3A9A6E701780C14CB1D99DF07B8AC9
Requests: 39 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/zrt_lookup.html
Frame ID: A07F2DEF4DC3F5478C15AA10FBD5EFA1
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1689062380&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flibgen.rocks%2Fads.php%3Fmd5%3D10FF76C135F92B7F1D3A3B3D772F36CB&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689062380482&bpp=3&bdt=327&idt=238&shv=r20230706&mjsv=m202306290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5889614030982&frm=20&pv=2&ga_vid=1757895224.1689062381&ga_sid=1689062381&ga_hid=1242947069&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31075758%2C31075811%2C31075823%2C31075972%2C44788441%2C44796477&oid=2&pvsid=1389311394136339&tmod=1201903711&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=260
Frame ID: D0C42BA9BF0A9EA711CCA767B3FFE607
Requests: 1 HTTP requests in this frame
Frame:
https://libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
Frame ID: 374CA4B8C63EEC19A0A674B186A77C8B
Requests: 2 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7911899AFAABCC90C2A80B1B3DB991EA
Requests: 8 HTTP requests in this frame
Frame:
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZK0L7AAM7HIGrRS3AAr0Ja6u92cEagjOE-vBpg&u=%7C7NCX9gesysYyCsGn8ep3yebZpwFRf5QZEap8byqWybc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9gX83Bwsauy06zFrm0Fi-YdF8b2H7kedDXe8GUf1AtZlNUjn3SuJPgZdYBlaqIuiYRK2i1ZJ0HLvmtqXBWyXEe_bj8L5x2GXVKYuGrFpQA8vRBD5XhxygCsEfZyzAP6GJems-Z_HTRk--261PU4EcLa4gBwX5wlFO6QmIjY2NmZ08_p1VRngRsR9AsBdTLQjhsjBrMwQcK9JizbvaEJqsIFPWgDxi2P_vlK15Uh_jyBVGxyxNfPUU6SJpcwKb8OkbECx236Zb9bUBbNO7z0Nh9wXekCvSdW_Z8Jyydzt6-t5BNDnxc4zAXHW4k2701dqN1fz4V0qiIuKXs51Ggyeo9DMJYSn-OtvWLnsHuDQdVZpvAsIMEJScuYHPx0elQSFXk_ZXu8sWv8Ap059WglzwVeqtqKZoJ3nvVk5rf05t7e3txKDSx1_vCjrs0m-ez57_83kVmkQtJMxx2yUwPs3WC4ns1SZbgQ3FdoEnMStdGsWAJ0PCSxeTg3FQ-qN15nJsItKpjDuXuwLWTBFG4wEzXHA0huQqfzaaPoXgpSoRewMLzdQ6XUCOlHxke8tnD-MM-ycFYmUoR39PlEVG9QvQhU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvgxo7AutZPLYM7eptOUPpeirwAXJntKxXPWR3r6xAcCNtwEQASAAYK8FggEXY2EtcHViLTQxMzk4NTAwMzEwMjYyMDLIAQmpAud0FNX2e7I-qAMByAMCqgTFAU_QeD3Sj5hTVbVMqz_4b5vHswyWvJ5fqQ4GGcVgsDEIY85MlYc3BQtxu8n8qLdeXqnl2LhNSlN96oHwVfGB_0R7dT1VEN-ea9HKebrlBXlQvsQly4sX7dnCWHkLSCMUEylnpaQQ07npKOObcVcJxKP3LawAYfENWhDjVIitoDuqJjKeeG2cZGuWDpnZUA_rTW84XllPl2IjF6-UFCSAqTomkk1VT7hQHbK9BC_05132xMCTJ5Q1vN05Us7g2hMvno-bka49gAajiq2-1eDsyZoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1jJ3y-texF5TmBksRlVCG6dxulGA%26client%3Dca-pub-4139850031026202%26adurl%3D
Frame ID: 06F7F2917BF0FDB0807055CB71B27F07
Requests: 20 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 941C654B2BAA0BCE99024A6CCD9D1499
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A0AA6CDD3CC380FC932A486141AA2A1
Requests: 2 HTTP requests in this frame
Page Title
Library Genesis
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
23 Outgoing links
These are links going to different origins than the main page.
Title: TOR
Title: Torrents status
Title: libgen.rs (gen.lib.rus.ec)
Title: FTP
Title: Libgen librarian for desktop
Title: Full text search
Title: Sci-hub
Title: Magzdb.org
Title: РНБ
Title: РГБ
Title: LOC
Title: ComicVine
Title: Cyberleninka
Title: Lib.rus.ec
Title: Flibusta.net
Title: Goodreads.com
Title: Worldcat.org
Title: Archive team
Title: Reddit
Title: Pilimi (Z-lib archives)
Title: Search in WorldCat
Title: Search in Goodreads
Title: Search in AbeBooks
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB HTTP 307
- https://libgen.lc/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB HTTP 307
- https://libgen.rocks/ads.php?md5=10FF76C135F92B7F1D3A3B3D772F36CB Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25
- https://libgen.rocks/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/invisible.js
75 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
ads.php
libgen.rocks/ Redirect Chain
|
23 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
libgen.rocks/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font.min.css
libgen.rocks/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dark-mode.css
libgen.rocks/css/ |
294 B 422 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
139 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d53e2728a6de1b6d59e60f5833fa9c3f.js
fertilisedshoe.com/d5/3e/27/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub-4139850031026202
fundingchoicesmessages.google.com/i/ |
147 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
libgen.rocks/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dark-mode-switch.js
libgen.rocks/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
10ff76c135f92b7f1d3a3b3d772f36cb.jpg
libgen.rocks/covers/2720000/ |
256 KB 257 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
libgen.rocks/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
libgen.rocks/js/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ |
62 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ |
82 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
form-validation.js
libgen.rocks/js/ |
686 B 806 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ |
344 KB 118 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230706/r20190131/ Frame A07F |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
391 B 603 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 456 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame D0C4 |
52 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AGSKWxUpDhrJ0rQFdfBpSUsJAkayyDBO5diHh_H4cd3LwcqhthTn1X0-QqN2hgoQC26js9xrwThU4CBmbBfqzh3xgXY=
fundingchoicesmessages.google.com/f/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
fertilisedshoe.com/f8e9fd155acd00cc14b9fd3ab99deaee/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
fertilisedshoe.com/84a3aa81854298fe0794b91196379fdc/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
invoke.js
fertilisedshoe.com/e445fc5fceeb52489a652f9894c20087/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306290101/ |
154 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
invisible.js
libgen.rocks/cdn-cgi/challenge-platform/h/g/scripts/jsd/19b997cb/ Frame 374C Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 165 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230706/r20110914/ Frame 7911 |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
afr.php
ads.eu.criteo.com/delivery/r/ Frame 06F7 |
197 KB 57 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 7911 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230706/r20110914/client/ Frame 7911 |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7911 |
179 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7e4f82231d3937e8
libgen.rocks/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 374C |
0 578 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 7911 |
212 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
privacy_small.svg
static.criteo.net/flash/icon/ Frame 06F7 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 06F7 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close_button.svg
static.criteo.net/flash/icon/ Frame 06F7 |
308 B 637 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back_button2.svg
static.criteo.net/flash/icon/ Frame 06F7 |
293 B 621 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 06F7 |
43 B 348 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animejs.js
static.criteo.net/animejs/ Frame 06F7 |
12 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
22 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
imageproxy.eu.criteo.net/img/ Frame 06F7 |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
all
csm.eu.criteo.net/ Frame 06F7 |
0 128 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
privacy.svg
static.criteo.net/flash/icon/ Frame 06F7 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 7911 |
0 23 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 7911 |
0 126 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 941C |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 3A0A |
783 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js
pagead2.googlesyndication.com/bg/ Frame 941C |
37 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
px.gif
fundingchoicesmessages.google.com/img/ |
43 B 68 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
px.gif
fundingchoicesmessages.google.com/img/ |
43 B 68 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A0A |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 941C |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 7911 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
all
csm.eu.criteo.net/ Frame 06F7 |
0 127 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pagead46.
fundingchoicesmessages.google.com/f/AGSKWxWpjdPGnyJNF3Xf2cFHDKh3e-AjfR8xc2Xph9mXcUs1mdVnzv4GyPgbcpk42D9B_ylt7GDf5KbTKbs8_XxPbs_GpBNDXizAEXgDlf7llLxJOccwabPqeiZdogqfpxfHUiF6SUSYJ-EgrrUgd3FYlMY0T68b_... |
54 B 109 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum.js
pagead2.googlesyndication.com/pagead/js/ |
62 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
AGSKWxXL-6LYfITP3VPjwKqO2dCCkpOUfurYMn5uZNwWaHg2u9_uHerXVwCxl3D6qclo8_RsvZ8qOS-eTYcHucXP5wCY2-L_B4LxxGtob5yrcqdhVom3NyrpRYnmtYuMi7LmZs_rD75LyQ==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AGSKWxUCg980_wusoxjTJxnml5sRWjdBaO0uPEpIe0akHUdCL9-2KPgpVb8gfk16NWB8ESBL53gNm9koqnta3D4_4FVeSBSSDD4xZ8Q5khzfnYuUfQ6yWMI6uRU9EP3KfQz5WWU_vDjHpw==
fundingchoicesmessages.google.com/f/ |
3 KB 2 KB |
Script
application/javascript |
POST H3 |
AGSKWxXv82cvPp8k6AH7qUoZ7tLTbmznDFH-GaIRfeLqYbDqCX0YnyB45lytFNt3AOL2YWv9dvSpIHSBaI2b6N5FxLE0vWXov_W1SEm4D1vdhKy96yQFsAGNmHiN41MVM3kFGjpWm129Fg==
fundingchoicesmessages.google.com/el/ |
0 28 B |
XHR
text/html |
65 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| darkSwitch function| initTheme function| resetTheme object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZmI4ZmJjYWRhNDk0YTc5ZmxvYWRlcl9qcw== string| ZmI4ZmJjYWRhNDk0YTc5ZmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| atOptions object| google_llp function| Popper object| bootstrap number| google_lpabyc object| googletag object| GoogleGcLKhOms object| google_image_requests object| _google_rum_ns_ undefined| google_rum_values boolean| 88ebdd6c-72ac-4861-9b5a-c8c96b7ace48
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
libgen.rocks/ | | Name: PHPSESSID Value: ujnl05me7e5aatkrc55uh84tsa |
.libgen.rocks/ | | Name: __gads Value: ID=748a6e3f7a9d6a7c-22efd81126de0031:T=1689062380:RT=1689062380:S=ALNI_MaCO8yEcReFMOTqRpaLt9MGdEAwpA |
.libgen.rocks/ | | Name: __gpi Value: UID=00000c3ba799cbf8:T=1689062380:RT=1689062380:S=ALNI_MZCpuxh10ioMpJDcg8tMw9eg_EKIQ |
.libgen.rocks/ | | Name: __cf_bm Value: YLrUgafIwtE402nyAvYiURETRcmZNXCq31sJTxE_9Ro-1689062381-0-AfGIvKYg9s57Jzfqwm/eMXDOeoeK2AS8rXMpyCZ+oOytgQPXeYwPOreeoGqyZuDlaQ== |
.doubleclick.net/ | | Name: IDE Value: AHWqTUnjGhqlSkmJk658JyyyUeow9TT5nUstHZS8x3qt7doIecZKO2VNuLejT-RYDX0 |
.libgen.rocks/ | | Name: FCNEC Value: %5B%5B%22AKsRol9LTp-M8WSraCR66Eq57I_bN-To6PV-B-bwjHcx2mmG5sCHq2eIVLKzYICKVDiRNaSySbqMmxQTcVsWHFOfkSUj9dsPrvjCcJxHTspqALE3DXwrYSCKXjP6mbNM9XVSPT5q-zSJAo9ShJWy7369htNhTW0gSA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.