libgen.rocks Open in urlscan Pro
2606:4700:3036::ac43:c53e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://libgen.rocks/
Effective URL:
https://libgen.rocks/
Submission: On February 01 via manual (February 1st 2023, 8:15:12 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3036::ac43:c53e, located in United States and belongs to CLOUDFLARENET, US. The main domain is libgen.rocks. The Cisco Umbrella rank of the primary domain is 331721.
TLS certificate: Issued by GTS CA 1P5 on December 24th 2022. Valid for: 3 months.

This is the only time libgen.rocks was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:303... 2606:4700:3036::ac43:c53e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
52	16

15 2606:4700:3036::ac43:c53e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

libgen.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	libgen.rocks 1 redirects libgen.rocks — Cisco Umbrella Rank: 331721	79 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	264 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 csm.eu.criteo.net — Cisco Umbrella Rank: 7891	14 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	25 KB
2	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7817 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9740	46 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741	696 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	38 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	48 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	605 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 673	31 KB
52	11

	Domain	Requested by
15	libgen.rocks	1 redirects libgen.rocks
9	static.criteo.net	ads.eu.criteo.com
8	pagead2.googlesyndication.com	libgen.rocks pagead2.googlesyndication.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	libgen.rocks
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	libgen.rocks
52	15

This site contains links to these domains. Also see Links.

Domain
libgenfrialc7tguyjywa36vtrdcplwpxaw43h6o63dmmwhvavo5rqqd.onion
phillm.net
libgen.rs
ftp.libgen.lc
libruslib.ucoz.com
b-ok.cc
sci-hub.ru
magzdb.org
nlr.ru
rsl.ru
loc.gov
comicvine.gamespot.com
cyberleninka.ru
lib.rus.ec
flibusta.net
goodreads.com
worldcat.org
wiki.archiveteam.org
www.reddit.com
pilimi.org
libgen.li
libgen.gs
libgen.lc

Subject Issuer	Validity	Valid
*.libgen.rocks GTS CA 1P5	`2022-12-24` - `2023-03-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://libgen.rocks/
Frame ID: 8A3E51353C76EC7A5EFCF9AAB0886E53
Requests: 27 HTTP requests in this frame

Frame: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675281600
Frame ID: 84AAE66F3C9870F318FD55D4AABF6C7E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
Frame ID: 6BB26B79CDFB6294646C485D49F2C76A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1675282507&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Flibgen.rocks%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675282507422&bpp=5&bdt=297&idt=505&shv=r20230125&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=741907294504&frm=20&pv=2&ga_vid=1354607223.1675282508&ga_sid=1675282508&ga_hid=1525671183&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44783239&oid=2&pvsid=3024706393839127&tmod=283203450&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=542
Frame ID: 3FF1CDB137BC9FCC6A963BA73BD2D28B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Frame ID: DFB607741143A9A8ED2734435C9D6844
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9rITAAAKB4K7auIAA11ReAkosta5Z1BExUa6A&u=%7Cvjb7UEWgtpUSV%2FHSkEOxpygZUbzX3cwCls4F54mACaA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDQbT9-Qjh-oTSWwMUHTRP8cbV4VOwjLS-aDvhFFYF26RjkWfX4QtuzTTVecGcIaroK4YK8GzlNTWBYFWfuJnYt4HbMOiryNB-rJGj9jD2jW_Zf2XFkM5hA6JYU8-qnEeX0OqB9_KziRIMba8VFBmwRRDgVhgYBy3lQv9RLlnlGhUu1Iah6tUVbDbP0gHuk6M4GROw_co1mTrW4dgYxeEnfIiUFC2cTlau84wVeHyC2y12OlMNpGR5_Sgun13cIiiqkp_XRrKvGbsRXa3AZ3M4I2vFXMpjslrP6ikoxnB1AWFz-p4yOK0IfzK9QgeY79KzRzV50g8g8vnEnjGjWGjTatlf3C3dVGq5epoNEB6hbCQb34JvCn30cGGqshBNy2kIdphODx57kldxR5rArTBeQQXDRTafz7kbD_3o_USgX2-BTrSTTJY-LOZETVpUEXtbWagbX-5RWdUK9huyDe8FTVDgMQymKVdm70wLaGDcW4-eZR_4FOU5W2wv4FRfqywxj74RtXL8tvdpRqGKYVRvZSQvGOPkiv1ANhS7xaBfXlI9fb4_ERk2PJYH8DuVlbRh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44R-TMjaY55QiNe2B8XqtZAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MTM5ODUwMDMxMDI2MjAyyAEJqQIAdxmc1ESyPqgDAaoEvgFP0L11jJMIEgBjd6wwK7zLNohyQgeHdj3BOiZR9puKTfy23NCjnONMor65Mjus6BMsYLHYNepHwmrJmdqosTZKoU1o325qodsRCybS8yGpHre13RoPzFDus6BccdQXyZryNRjIu0dFaSThdbv9-OMovd4VtLAxyAyNj9VJ6JkdwNxf2w4uVcRVl8lXDcpaq8ZEbZ5P3sd6EUUe4Zm8C3gavVX1LzWaz5i3eJYntDIik_OsIvFomQMeIGT7jF0SgAbP75Oew4mDnYsBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2a6VRMhRgcVcQDPt1E41Y3-n6pQg%26client%3Dca-pub-4139850031026202%26adurl%3D
Frame ID: 70F1C8DB7C8323701062E9223C8A8206
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4A767CE23E1F898303F8343D5F91227
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C1094396F0629D6E031A35846D4EB13
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Library Genesis

Page URL History Show full URLs

http://libgen.rocks/ HTTP 307
https://libgen.rocks/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

52
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

16
IPs

4
Countries

547 kB
Transfer

1670 kB
Size

9
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://libgenfrialc7tguyjywa36vtrdcplwpxaw43h6o63dmmwhvavo5rqqd.onion/
Title: TOR

Search URL Search Domain Scan URL

URL: https://phillm.net/libgen-stats-table.php
Title: Torrents status

Search URL Search Domain Scan URL

URL: http://libgen.rs/dbdumps/
Title: libgen.rs (gen.lib.rus.ec)

Search URL Search Domain Scan URL

URL: ftp://ftp.libgen.lc/upload/
Title: FTP

Search URL Search Domain Scan URL

URL: http://libruslib.ucoz.com/index/libgen_bibliotekar/0-5
Title: Libgen librarian for desktop

Search URL Search Domain Scan URL

URL: https://b-ok.cc/fulltext/
Title: Full text search

Search URL Search Domain Scan URL

URL: http://sci-hub.ru/
Title: Sci-hub

Search URL Search Domain Scan URL

URL: http://magzdb.org/
Title: Magzdb.org

Search URL Search Domain Scan URL

URL: http://nlr.ru/rlin/Periodika_rus.php
Title: РНБ

Search URL Search Domain Scan URL

URL: http://rsl.ru/
Title: РГБ

Search URL Search Domain Scan URL

URL: https://loc.gov/
Title: LOC

Search URL Search Domain Scan URL

URL: https://comicvine.gamespot.com/
Title: ComicVine

Search URL Search Domain Scan URL

URL: https://cyberleninka.ru/
Title: Cyberleninka

Search URL Search Domain Scan URL

URL: https://lib.rus.ec/
Title: Lib.rus.ec

Search URL Search Domain Scan URL

URL: http://flibusta.net/
Title: Flibusta.net

Search URL Search Domain Scan URL

URL: https://goodreads.com/
Title: Goodreads.com

Search URL Search Domain Scan URL

URL: https://worldcat.org/
Title: Worldcat.org

Search URL Search Domain Scan URL

URL: https://wiki.archiveteam.org/
Title: Archive team

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/libgen/
Title: Reddit

Search URL Search Domain Scan URL

URL: http://pilimi.org/
Title: Pilimi (Z-lib archives)

Search URL Search Domain Scan URL

URL: https://libgen.li/
Title: *.li

Search URL Search Domain Scan URL

URL: https://libgen.gs/
Title: *.gs

Search URL Search Domain Scan URL

URL: https://libgen.lc/
Title: *.lc

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://libgen.rocks/ HTTP 307
https://libgen.rocks/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
libgen.rocks/
Redirect Chain

http://libgen.rocks/
https://libgen.rocks/

29 KB
9 KB

254ms
204ms

Document
text/html

2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f23d68ce75b67ed5fba7b086717fc008c5982007d27828847c6d8f819cac34cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 792d5b744c276967-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 20:15:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDTHNnNHQjbXrJkcSatuobBbTGV0uxifCvgUNqbBAtQzUkdOsItDsSWVmuzdc5EGMW3NggZlmOtY4u41nBkuazHqf6Vr8wdgsLLs9Bn1m%2FEneYD%2FXBkflH%2BlZWq7Te8EREKA2Bez18KdaL8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 792d5b73ab03371d-FRA
Connection: keep-alive
Content-Type: text/html
Date: Wed, 01 Feb 2023 20:15:06 GMT
Location: https://libgen.rocks/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kg17uRi1VolUuzigu2iIKjsSuZ%2FhYYXtzfOXWegvD7uQSWBn36dKo1gd6NfhbhCEm%2FILhNfHlkj0Oxjqz%2Bm2SfslR4eDs3EC8Qqz1pXDELescs60t%2BmYD5PSlocRSRmm6pMaxH0jmdrU70I%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
libgen.rocks/css/ 157 KB
25 KB 31ms
29ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/bootstrap.min.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 508413
etag: W/"5f859e98-27288"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma%2F9gOVu1YpuKQW5ykBzYVuJJ7NbBFPublspoZ2ybRbKUmNIj0STajN6LHVoX%2BF8vlW4fakAf%2FR7WX3WnSFz1J9b%2Btq%2Fww6yGPu5EJfq%2FTUDoQO5VZnyD34t8tRkXuYOdBFtpFp8vJ%2BPCUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 792d5b759e116967-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Feb 2023 23:01:34 GMT

GET
H2 200 font.min.css
libgen.rocks/css/ 9 KB
2 KB 27ms
26ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/font.min.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356eef4354ee9f565222bebb778c4fd35afb5534da19f665a8d2dc75e0ccfc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Jun 2021 18:13:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 390762
etag: W/"60c104b1-25d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt%2BN5zF78Rs3bJDrg4l5pOIxkftC2VuXVZsiWrzzJ9RebxoQQouloTO5CiF3upjo%2BDNaKx1VoUMw3xMJDIw9HM2bsSEx0Su6xJ6ZFPRhe4E9yUozi2POufERUBLCdWvnp6NGGywzVbf9pFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 792d5b759e136967-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 07:42:25 GMT

GET
H2 200 dark-mode.css
libgen.rocks/css/ 294 B
446 B 28ms
27ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/dark-mode.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Apr 2021 06:48:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 390715
etag: W/"608a56c4-126"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5iyX4RRjGbdK%2FRDuiUdcdNUQlHcR4XHXntrtMLg83x30e9Pxd0YU0t7nYC0CXQLf0AtkZ3ie1I4M%2F5JW32JuVdHPMMkoANrp9SOZkqrwho18u5xz13Z3E0UcCVngg1cVGocNJgHFgdBUBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 792d5b759e146967-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 07:43:12 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 66ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: gzip
x-sp-metadata: HS256.CNus654GEo8BCiQ2OGUyOTJjZC1kNDJjLTRjNDMtYWNlZS1iYTU5ZTZhNjY1YWYQ+OiCoKvU+wIaBgjLkOueBiIUMmEwMzoxYjIwOjY6ZjAxMTo6N2UojIMCMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRlOTZhZDEwNi01Y2ZjLTQwOTEtODNjYi1lNzc1ZDg4ZDI2MTQYm/EBIhgIAhIUY2RzMjEwLmFtNS5od2Nkbi5uZXQ=.5WewJQyhdBsHBAglIIdodizjEQhQFC+ulma6L2ZWoy4=
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
x-hw: 1675282507.dop029.am5.t,1675282507.cds201.am5.hn,1675282507.cds210.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 paginator3000.css
libgen.rocks/css/ 2 KB
996 B 34ms
33ms Stylesheet
text/css 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/css/paginator3000.css
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516f6144fa746e04d0ecf92557dcf60b050a4f55b0a16a7aba2d4430cb147e14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Nov 2013 07:56:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 300307
etag: W/"528876ca-70d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LkwX%2Bhn65I4tI8yup2oJVWcz3kmAhKu36zVNx28PuzZ94wddbphvr33wwFgbzWaVvde7B89MTZtsa2cSQzMbCKQSh3ewALmL3f78Lr2punlpSxrudYru%2FKsrvldyTNYrpK%2FurejPA1iRYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 792d5b759e156967-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 05 Feb 2023 08:50:00 GMT

GET
H2 200 paginator3000.js Show response
libgen.rocks/js/ 12 KB
3 KB 35ms
34ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/paginator3000.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd97097f4c8a8636686956d117e8db6fcc2b94e8e04be11f96c2fa7e9d79da63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2013 01:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 472454
etag: W/"51621c5e-2ee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0jcjv46YTI3dKWrZBhPHhwhQ7CUONoC02HPjpNJV9qexpW0yelq0ZY4LFaqWd5vgKxqgR%2Bpm6gbfA03uB5OeYPxZKj8SvnxK3jmH%2FB7u5nV8mVyimKyQsxaOX2Bfq5N%2BZUE9WrROK0f0Xw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 792d5b759e166967-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 03 Feb 2023 09:00:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 180ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a454056e64c05a12e467793a64299c952fe0b6072dca7f2a928b25358e1b7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49900
x-xss-protection: 0
server: cafe
etag: 18249858713142689542
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 20:15:07 GMT

GET
H3 200 logo.png
libgen.rocks/img/ 2 KB
2 KB 29ms
26ms Image
image/png 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libgen.rocks/img/logo.png
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 391962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1976
last-modified: Sat, 30 May 2020 06:17:58 GMT
server: cloudflare
etag: "5ed1fa96-7b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al8IcyXKFZkWHfDWr%2BWSTGRBam9MI2zU538oHH4mGVitVxhP3Ndrjzl5CT8D9BRimYr4n186Grdm6Q4eg%2BHKm8ubRgDuTWMYq%2BQh1ySWcfUw5AFD1is4l4i%2FCM20%2FnIHtmYl3d0Gxd5LDNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 792d5b761e42917a-FRA
expires: Sat, 04 Feb 2023 07:22:25 GMT

GET
H3 200 dark-mode-switch.js Show response
libgen.rocks/js/ 3 KB
1 KB 33ms
28ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/dark-mode-switch.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 22 May 2021 16:34:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 391916
etag: W/"60a93285-b75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKUGfjF2UTVqIlMsdwyesjI5P%2BjjtFTTYMOS3%2B4ppHFO50GXiy936O4ge1FOefvomBvvcpSZO1qMCbTMxfnYtQmtkCFkX0iO9xCMfw15DpRYCErb72dZ7wBK7Aixq5S848BCO%2BTZAU%2Bsrwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 792d5b762e77917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 07:23:11 GMT

GET
H3 200 email-decode.min.js Show response
libgen.rocks/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
19ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://libgen.rocks/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Jan 2023 14:59:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63d7db5d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpzbpIFFsuB0W0%2Bs9HcgK1pw9mPAVgXDXka9o2wqhqjRPsla%2BoCyYw6IWrBjRGVsRy%2B381cRjCf1J6b9CnxlmNIYKRDSqzWq%2BVBTd7vyr6xrMGY98IWJkMwcJACTpDaWollansc%2FZdU3%2Bfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 792d5b762e78917a-FRA
expires: Fri, 03 Feb 2023 20:15:07 GMT

GET
H3 200 popper.min.js Show response
libgen.rocks/js/ 19 KB
7 KB 33ms
29ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/popper.min.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 16 May 2021 04:13:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 391962
etag: W/"60a09bf4-4ace"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHrjZchv7uwv0RTaOaKuGwo31%2FO5xl5Q%2B2dQlQ76z51s%2FYrujeJiOFks4nDLrnWOpxRNOgvoW%2BxHpFHU4xTS04m%2F%2FW2pw6HhBrQDazcTPKyYQmVrTpppqOvn91CAhFJ3MmBja7ADUaPxt2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 792d5b762e7a917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 07:22:24 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 62 KB
16 KB 40ms
19ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 14911
age: 27427993
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA, cache-hhn4055-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29V1PYnyz6FC2guYESRGzoJOb5N9QKMHLODiR0BnscthHklGUBf%2FIXzkfE%2FzwEFr2KQ61YAuKorpdJKFHKSBb%2BG%2BvuXX0EEJbBMPFt6f2bhik4sN8UKwFl6lQEZ%2FLav1yjB2xslrP5Ma8trE%2F5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792d5b764d339c10-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
22 KB 41ms
20ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libgen.rocks/
Origin: https://libgen.rocks
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4156282
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-yyz4522-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gUbg5kTqoY3srodYoqsD8jciO3r%2BGaMDEEvdncsWGvx%2FmseY6wFw7Qt2ul2uAicSGDT%2FzZA2utbgqXekoho3XmniUe%2BItzeUhsLrySkcJMqbERPozzFVzwHbZk9579f2OVwCW8lgbetfpt4V5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 792d5b764d379c10-FRA

GET
H3 200 form-validation.js Show response
libgen.rocks/js/ 686 B
833 B 32ms
28ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/js/form-validation.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2020 12:33:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 392474
etag: W/"5f859e98-2ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIgyeBI5C3GW6vuv9fqChAaZWsOxycKMQIHXsr9rovPuCZVv0u7ehdoq%2BKnfwwJ4NTw7sySKn3vZcUB6PZvrnRJLFw3TCHcs8yMHL5XR9ESONHz4yPyYsYuPTpXOgBOtjBKJ1JYg1XkUa3s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 792d5b762e7b917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Feb 2023 07:13:53 GMT

GET
DATA 200
OK truncated
/ 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482b6eaa9a50729dc26bd9c4f1b37063f6f2706e340f9f7cce9e98dd68231eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 invisible.js Show response
libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 84AA 38 KB
16 KB 25ms
24ms Script
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675281600
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381c45af569fbbb8d8c9e548fd9d47d16b26ca82c844d2317d91572e69cda568

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGxQA52DOpSJb4c%2FbuBYW7VXvea3RxKAzAFCD2t3RwWEmOXJAHW72SZHPDi3%2B6hwatXQvV02XtR61cIjSBvVzsCbBh6sh4vT9jtkrVLn7HDrHlKMtPqGRzLLLFLkj%2FuOWt4SRViLoz301oU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 792d5b76cffe917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/ Frame 84AA 19 KB
8 KB 28ms
28ms Other
application/javascript 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aefe16660560ac563cc8474936f1d870a4f6a205a6e14750fff250568b0907d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvC9qGazc%2FuyaQQ5nm790AktZr8iJ7Xl%2FqXSBykuKCKqFnZckSXbZUX8Hspdo6BmNo8P20xVjv9E3b8qYb%2FErFLSqEjvtGmFg07gx2x%2FU4V5X3GkPy6TQVljnT%2Fpec9vab3ozhct5qKTtMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 792d5b7728aa917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ 359 KB
118 KB 228ms
137ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4139850031026202&plah=libgen.rocks&bust=31071721

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acd3aeb96b6cee6e89aea872141a8cd5d92cb4733071626c5f020d9d23cab2ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120775
x-xss-protection: 0
server: cafe
etag: 10480704184864556153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 20:15:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/ Frame 6BB2 10 KB
5 KB 126ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4139850031026202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 14:58:57 GMT
etag: 10353107486223812946
expires: Wed, 15 Feb 2023 14:58:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 792d5b744c276967 Show response
libgen.rocks/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 84AA 2 B
667 B 45ms
42ms XHR
text/plain 2606:4700:3036::ac43:c53e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/cv/result/792d5b744c276967
Requested by: Host: libgen.rocks
URL: https://libgen.rocks/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675281600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c53e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Feb 2023 20:15:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kO%2BmQ%2Bi4CabwmR4GD3cQd4Sc3AKw5ogLsa2g5wwSOttZ1tQAN3n9zco9PTuGVDu%2BRwurIaOWwHnx6Sdzr%2Bzlfa5i8uqy2D2hqjtJo0e3G60Ki1h6W178cG79I%2Bnf2M6gHCKWBUXOv8i2pLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 792d5b7a8ec6917a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 151ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=libgen.rocks&callback=_gfp_s_&client=ca-pub-4139850031026202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4139850031026202&plah=libgen.rocks&bust=31071721

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65b8d8e452e6736156ace4a5ef5f1caf65aa1d9e94cb63b2ea853eb1a1ca13c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 202ms
45ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 175ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
71ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flibgen.rocks%2F&tn=NAV&cls=navbar%20fixed-bottom%20navbar-expand-sm%20navbar-dark%20bg-secondary&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: libgen.rocks
URL: https://libgen.rocks/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 20:15:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FF1 53 KB
16 KB 189ms
187ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4139850031026202&output=html&adk=1812271804&adf=3025194257&lmt=1675282507&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Flibgen.rocks%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675282507422&bpp=5&bdt=297&idt=505&shv=r20230125&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=741907294504&frm=20&pv=2&ga_vid=1354607223.1675282508&ga_sid=1675282508&ga_hid=1525671183&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44783239&oid=2&pvsid=3024706393839127&tmod=283203450&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=542

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c420189b685ab1947efdc6ed539078b81371276ebdacbba2cb886a881af330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 20:15:08 GMT
expires: Wed, 01 Feb 2023 20:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 87ms
87ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230125&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18c821d516c0e44b6b455e4a88565ab8219f37982414998e3c70a1752bd0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11347
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ 150 KB
51 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/reactive_library_fy2021.js?bust=31071721

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b50a0e033a9295a5ad38a4c04e3660e79157538fee2cbea507eea5174ac00fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52150
x-xss-protection: 0
server: cafe
etag: 3358502189751418457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Feb 2023 20:15:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 161ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 20:15:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 47ms
46ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
48ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=libgen.rocks

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/ Frame DFB6 10 KB
4 KB 44ms
36ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 18:54:12 GMT
etag: 10353107486223812946
expires: Wed, 15 Feb 2023 18:54:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 70F1 137 KB
45 KB 457ms
113ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9rITAAAKB4K7auIAA11ReAkosta5Z1BExUa6A&u=%7Cvjb7UEWgtpUSV%2FHSkEOxpygZUbzX3cwCls4F54mACaA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDQbT9-Qjh-oTSWwMUHTRP8cbV4VOwjLS-aDvhFFYF26RjkWfX4QtuzTTVecGcIaroK4YK8GzlNTWBYFWfuJnYt4HbMOiryNB-rJGj9jD2jW_Zf2XFkM5hA6JYU8-qnEeX0OqB9_KziRIMba8VFBmwRRDgVhgYBy3lQv9RLlnlGhUu1Iah6tUVbDbP0gHuk6M4GROw_co1mTrW4dgYxeEnfIiUFC2cTlau84wVeHyC2y12OlMNpGR5_Sgun13cIiiqkp_XRrKvGbsRXa3AZ3M4I2vFXMpjslrP6ikoxnB1AWFz-p4yOK0IfzK9QgeY79KzRzV50g8g8vnEnjGjWGjTatlf3C3dVGq5epoNEB6hbCQb34JvCn30cGGqshBNy2kIdphODx57kldxR5rArTBeQQXDRTafz7kbD_3o_USgX2-BTrSTTJY-LOZETVpUEXtbWagbX-5RWdUK9huyDe8FTVDgMQymKVdm70wLaGDcW4-eZR_4FOU5W2wv4FRfqywxj74RtXL8tvdpRqGKYVRvZSQvGOPkiv1ANhS7xaBfXlI9fb4_ERk2PJYH8DuVlbRh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44R-TMjaY55QiNe2B8XqtZAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MTM5ODUwMDMxMDI2MjAyyAEJqQIAdxmc1ESyPqgDAaoEvgFP0L11jJMIEgBjd6wwK7zLNohyQgeHdj3BOiZR9puKTfy23NCjnONMor65Mjus6BMsYLHYNepHwmrJmdqosTZKoU1o325qodsRCybS8yGpHre13RoPzFDus6BccdQXyZryNRjIu0dFaSThdbv9-OMovd4VtLAxyAyNj9VJ6JkdwNxf2w4uVcRVl8lXDcpaq8ZEbZ5P3sd6EUUe4Zm8C3gavVX1LzWaz5i3eJYntDIik_OsIvFomQMeIGT7jF0SgAbP75Oew4mDnYsBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2a6VRMhRgcVcQDPt1E41Y3-n6pQg%26client%3Dca-pub-4139850031026202%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

af811ce376f94d41544e4636bb2c635e9d358375c0c618ce277c80978be1f428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 20:15:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ykATtWkbvgpGn48YYBNZSCFALWY03akvnVEM7wCbRsEDjJQR2pK6DW8zxcvF5nel1BekKXOmrOKE9Im8JotsKtNrDIBhF80QsEn4xobJhsM15VsgdSJERNsRpYUS-IanoKTH4GD8nITpgrmZWRF_YpqEFhG72G7xUHPVND_LFbwC6ujAA3o7V4yO2mJ77G2_Z7T0h-_q7kdAsmt8Sdbm_t2Zxr1lT4BLKayB4ButsuPA7CDG8S3eSgq_YMwZdZRymv-M3A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 91750308
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DFB6 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 19:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 19:47:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DFB6 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 10:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Feb 2023 10:25:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFB6 157 KB
48 KB 135ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 20:15:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4A7 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 19:53:42 GMT
expires: Thu, 01 Feb 2024 19:53:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C10 783 B
1 KB 146ms
52ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

622dc140e70d9f06af6273b81305b160793710098a2ed0aa3deb7fbb787f74b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m7nNGPQPpxq2TtDb07tuCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://libgen.rocks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-m7nNGPQPpxq2TtDb07tuCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 20:15:08 GMT
expires: Wed, 01 Feb 2023 20:15:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js Show response
pagead2.googlesyndication.com/bg/ Frame E4A7 36 KB
14 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2e6kLxeeSlTXLHIHKIZu8zKMmhAlZmQUgR37z8_ueWI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 13:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 13:40:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C10 0
0 74ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230125&jk=3024706393839127&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E4A7 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?umh8SA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 70F1 2 KB
1 KB 55ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9rITAAAKB4K7auIAA11ReAkosta5Z1BExUa6A&u=%7Cvjb7UEWgtpUSV%2FHSkEOxpygZUbzX3cwCls4F54mACaA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDQbT9-Qjh-oTSWwMUHTRP8cbV4VOwjLS-aDvhFFYF26RjkWfX4QtuzTTVecGcIaroK4YK8GzlNTWBYFWfuJnYt4HbMOiryNB-rJGj9jD2jW_Zf2XFkM5hA6JYU8-qnEeX0OqB9_KziRIMba8VFBmwRRDgVhgYBy3lQv9RLlnlGhUu1Iah6tUVbDbP0gHuk6M4GROw_co1mTrW4dgYxeEnfIiUFC2cTlau84wVeHyC2y12OlMNpGR5_Sgun13cIiiqkp_XRrKvGbsRXa3AZ3M4I2vFXMpjslrP6ikoxnB1AWFz-p4yOK0IfzK9QgeY79KzRzV50g8g8vnEnjGjWGjTatlf3C3dVGq5epoNEB6hbCQb34JvCn30cGGqshBNy2kIdphODx57kldxR5rArTBeQQXDRTafz7kbD_3o_USgX2-BTrSTTJY-LOZETVpUEXtbWagbX-5RWdUK9huyDe8FTVDgMQymKVdm70wLaGDcW4-eZR_4FOU5W2wv4FRfqywxj74RtXL8tvdpRqGKYVRvZSQvGOPkiv1ANhS7xaBfXlI9fb4_ERk2PJYH8DuVlbRh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44R-TMjaY55QiNe2B8XqtZAGyZ7SsVyF_pf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00MTM5ODUwMDMxMDI2MjAyyAEJqQIAdxmc1ESyPqgDAaoEvgFP0L11jJMIEgBjd6wwK7zLNohyQgeHdj3BOiZR9puKTfy23NCjnONMor65Mjus6BMsYLHYNepHwmrJmdqosTZKoU1o325qodsRCybS8yGpHre13RoPzFDus6BccdQXyZryNRjIu0dFaSThdbv9-OMovd4VtLAxyAyNj9VJ6JkdwNxf2w4uVcRVl8lXDcpaq8ZEbZ5P3sd6EUUe4Zm8C3gavVX1LzWaz5i3eJYntDIik_OsIvFomQMeIGT7jF0SgAbP75Oew4mDnYsBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2a6VRMhRgcVcQDPt1E41Y3-n6pQg%26client%3Dca-pub-4139850031026202%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 70F1 2 KB
1 KB 48ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 70F1 308 B
636 B 55ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 70F1 293 B
621 B 50ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 70F1 43 B
348 B 209ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=oqouHz3wNTBkwzG0viObvgbPIFyrji3AJPszlvVVwgxJdtMACydUrjHSNWQVXjXiBlgGXYLbvgztSXRloCbib8DObU9fV78bFz1irJwn_ZbPb_D-bDKeqlBTxwHhqNKL9yy4-w2yOrLOKJYmdtphGYr8twcIufqT2n6hKJ-9IYWzjbw7j1520Ou6avUUhonaJUNUVVAPDU57PCtO-gNffYy1BAgs1407Xlm7EiSLzzaOrYV-ouspZ8ELBAJuDEcfzAbJaEeremnXIDJlZTGYDvQ1BM6kuDwZ3CaODZTiabBpHksimXlr2bgCGy1qUOFgjvR3_-LfB8ODvJh9UVEXPBADgxP89ju-YdjQfuwbai0WZen7VLOuqSeDlk_xi6h1R5Kkbq4kWnbudXqzYmk_zGFnDATnlK9fJaPJ4IX27NE4UfgS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 20:15:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2273646
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 70F1 2 KB
804 B 45ms
14ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:54 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7e-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H2 200 montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 70F1 2 KB
803 B 46ms
16ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:06:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391ef7f-675"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 70F1 12 KB
6 KB 25ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:15:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 70F1 0
128 B 235ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ykATtWkbvgpGn48YYBNZSCFALWY03akvnVEM7wCbRsEDjJQR2pK6DW8zxcvF5nel1BekKXOmrOKE9Im8JotsKtNrDIBhF80QsEn4xobJhsM15VsgdSJERNsRpYUS-IanoKTH4GD8nITpgrmZWRF_YpqEFhG72G7xUHPVND_LFbwC6ujAA3o7V4yO2mJ77G2_Z7T0h-_q7kdAsmt8Sdbm_t2Zxr1lT4BLKayB4ButsuPA7CDG8S3eSgq_YMwZdZRymv-M3A&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 01 Feb 2023 20:15:08 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 70F1 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 70F1 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 20:15:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:15:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230125&jk=3024706393839127&bg=!Li2lLWnNAAbFy4Ck5cs7ACkAdvg8WsCCJK8XZK8aOP7S2k90FZVWyHFzF8eC4fK7eQKsXIC97UdgywIAAABnUgAAAANoAQcKAId5OTi1SgUtXY1c8-ZFn26LiurI8OtiWnw3FJJtdUoVsCezpjU_bOMYCqiLUXMSi4oKoYqBvB80Dw2KYVyAQ3G-s8QtC7RAMjqw51_qGXGkQ1zJaVf42R37yDQYUk8Um05JPB9I7afEMZDK8uZqmviTuzgvqWdj0JhJBptCQubPEAXLsJekMzyZApALJytBtI2AiE7pWastLOvQZgFdMtIr_izdEBqaBZIDHdkpOAWlLD3Yw_85JE7YZSdNle81z6muxoR3EcxxVXISAELMtz3SFgrF04Bk9-JgBrv5GqGt2cF2mRBMTvYcDnl_AI89FffJ6cfwUtDn0EvknKygHbf0jABsm0f1-BdA7_zffVoU7nbB44pOlnBXbpvqv_PdMUP9uOuB2DKz45LVZjXbwtEnAvZUxQripDnxpZvu2Uyp7hsGzn14UR8KONg77rDlA1ISvEYVMoELTvUOa8JGKhPb6dveKlVwvtx7Z2caDo6sAFPIBWxuMyOWXfCFAaQGQpFvBB8fnm1heNwuF14yduOElAc3iqbexPFx2GHMfaaEiQj8s9C2H5xWJCnejUUiogcG1bANP9-G6csx4XMBRF48al6sCVYMdLYVb7zh5h0e_JZShzprdN0SUbsqls35UGkcUu5fpzDtH43IqrRssgD1uQF4cbTyFH0fmkGDzKqVyAZPYigVIJET48RKMfc5ya0laM5pb6OimfgWpjhGsu_zszAnEp6bE8TFD9ITNCeK3706dFN9pwWabUhNsG3y3-nU0s3298YNetfydwRDi0m2xxDoSSlu-yHkGOH4zHetV49vOcV3QmiNbSQTRgRLhVIWX1D_kn6HYDIUPM8rE_4q7u-L8m0-oG6piZn4xy7KL3WgbtwLDgOPjrclxiSWSMvFzqWw_lY8D9916G75Za54bYxfD4gyltvoXl33uU5k6UlIIKyeu9mWIplfdcNEPtuLDj5CNo21uEJe2CRoNiFXtPe7DjWrvuOb8HslaJK6JbXdODKP2V5xKv1MbYqh8PLKyqZOWhhTnwXXvWVaSGsyR9ZqT9JPq1TieA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://libgen.rocks/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
libgen.rocks/	1970-01-20 18:06:58	Name: objects Value: f%7Ce%7Cs%7Ca%7Cp%7Cw
libgen.rocks/	1970-01-20 18:06:58	Name: curtab Value: f
libgen.rocks/	1970-01-20 18:06:58	Name: columns Value: a%7Cs%7Ct%7Cp%7Cy%7Ci
libgen.rocks/	1970-01-20 18:06:58	Name: topics Value: l%7Cf%7Cr%7Ca%7Cm%7Cs%7Cc
libgen.rocks/	1969-12-31 23:59:59	Name: PHPSESSID Value: lricjasl6e7fsmgcifaegnbfa0
.libgen.rocks/	1970-01-20 09:21:24	Name: __cf_bm Value: WRFCPpNlt2IZAfMNP73dYjuKGsXLOuHl26vPvZREhlo-1675282507-0-AfNDMA0E835l0O/hTS6s1tIfQSEiG01i00MLwym0W48cPo0oBvJc47j/ay8AqgrbHzhopz3vtuy4sjjTTh1kMBBJTVtXyfE96+x+VcmS1fUS9jp8Kj6g8M8G8acOWH+fH4VNWkblMcQZn/WktbHl7Ic=
.libgen.rocks/	1970-01-20 18:42:58	Name: __gads Value: ID=1c6724942d84d37c-227ff20f83db0063:T=1675282508:RT=1675282508:S=ALNI_MZ5IL0CP8pVs1fZWY6qYqzElxz2tQ
.libgen.rocks/	1970-01-20 18:42:58	Name: __gpi Value: UID=00000badf803004e:T=1675282508:RT=1675282508:S=ALNI_MYA0mi-CisWmeHer04k5uMMLbHWBw
.doubleclick.net/	1970-01-20 09:21:23	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdn.jsdelivr.net
code.jquery.com
csm.eu.criteo.net
googleads.g.doubleclick.net
libgen.rocks
pagead2.googlesyndication.com
partner.googleadservices.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
178.250.2.148
2001:4de0:ac18::1:a:1b
2606:4700:3036::ac43:c53e
2606:4700::6810:5714
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::21
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0d84039d9211fa1aec37908003c354093735e36ebb3351a7d40687ccd4637439
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e94841b3484e63d1b0c58e7fd286ebd5f1f5f6b03b813d3696018d2b00ef48b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
356eef4354ee9f565222bebb778c4fd35afb5534da19f665a8d2dc75e0ccfc13
381c45af569fbbb8d8c9e548fd9d47d16b26ca82c844d2317d91572e69cda568
4964c6a251428e2229a3be8650aad14850c9794fa9c85f097c38b0553d374fe9
4a18c821d516c0e44b6b455e4a88565ab8219f37982414998e3c70a1752bd0a0
4aefe16660560ac563cc8474936f1d870a4f6a205a6e14750fff250568b0907d
4b50a0e033a9295a5ad38a4c04e3660e79157538fee2cbea507eea5174ac00fa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f6144fa746e04d0ecf92557dcf60b050a4f55b0a16a7aba2d4430cb147e14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622dc140e70d9f06af6273b81305b160793710098a2ed0aa3deb7fbb787f74b8
65b8d8e452e6736156ace4a5ef5f1caf65aa1d9e94cb63b2ea853eb1a1ca13c7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7482b6eaa9a50729dc26bd9c4f1b37063f6f2706e340f9f7cce9e98dd68231eb
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
83c420189b685ab1947efdc6ed539078b81371276ebdacbba2cb886a881af330
8a454056e64c05a12e467793a64299c952fe0b6072dca7f2a928b25358e1b7e1
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
acd3aeb96b6cee6e89aea872141a8cd5d92cb4733071626c5f020d9d23cab2ed
af811ce376f94d41544e4636bb2c635e9d358375c0c618ce277c80978be1f428
c86333d79746bb469e7d3fd957b4e58f05fc2e2c22033a9f523653aae6142591
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d9eea42f179e4a54d72c720728866ef3328c9a1025666414811dfbcfcfee7962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea96f56d81b43a7e7b54f562543cc7b1348c8fa91b540c35aec106647d0d0c34
f23d68ce75b67ed5fba7b086717fc008c5982007d27828847c6d8f819cac34cb
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fd97097f4c8a8636686956d117e8db6fcc2b94e8e04be11f96c2fa7e9d79da63
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

libgen.rocks Open in urlscan Pro 2606:4700:3036::ac43:c53e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

93 %IPv6

11 Domains

15 Subdomains

16 IPs

4 Countries

547 kBTransfer

1670 kBSize

9 Cookies

23 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

libgen.rocks Open in urlscan Pro
2606:4700:3036::ac43:c53e Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

93 %
IPv6

11
Domains

15
Subdomains

16
IPs

4
Countries

547 kB
Transfer

1670 kB
Size

9
Cookies

52 HTTP transactions
1 data transactions