sci-hub.ee Open in urlscan Pro
2606:4700:3032::6815:a85  Malicious Activity! Public Scan

URL: https://sci-hub.ee/
Submission Tags: falconsandbox
Submission: On February 28 via api from US — Scanned from DE

Summary

This website contacted 34 IPs in 11 countries across 35 domains to perform 164 HTTP transactions. The main IP is 2606:4700:3032::6815:a85, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.ee.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2022. Valid for: a year.
This is the only time sci-hub.ee was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
21 2606:4700:303... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::2 44788 (ASN-CRITE...)
3 2a02:2638::b 44788 (ASN-CRITE...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.33.220.150 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 16 172.217.18.2 15169 (GOOGLE)
3 3 37.157.6.245 198622 (ADFORM)
3 3 213.19.147.45 26120 (RHYTHMONE)
2 3 51.38.120.206 16276 (OVH)
1 2620:116:800d... 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 35.227.252.103 15169 (GOOGLE)
2 2 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
21 2a02:2638::3 44788 (ASN-CRITE...)
3 178.250.0.160 44788 (ASN-CRITE...)
12 2a02:2638::c 44788 (ASN-CRITE...)
6 2a02:2638::21 44788 (ASN-CRITE...)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 3.127.31.230 16509 (AMAZON-02)
2 2 63.32.244.117 16509 (AMAZON-02)
4 2a00:1450:401... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 64.233.184.157 15169 (GOOGLE)
1 2 88.212.202.52 39134 (UNITEDNET)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
164 34
Apex Domain
Subdomains
Transfer
39 criteo.net
static.criteo.net — Cisco Umbrella Rank: 625
pix.eu.criteo.net — Cisco Umbrella Rank: 7936
csm.eu.criteo.net — Cisco Umbrella Rank: 8487
473 KB
28 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
bid.g.doubleclick.net — Cisco Umbrella Rank: 703
83 KB
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
292 KB
21 sci-hub.shop
img.sci-hub.shop — Cisco Umbrella Rank: 351743
584 KB
9 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15753
ads.eu.criteo.com — Cisco Umbrella Rank: 8414
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13386
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9640
127 KB
6 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1090
r1---sn-4g5edndy.c.2mdn.net — Cisco Umbrella Rank: 674548
951 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
imasdk.googleapis.com — Cisco Umbrella Rank: 442
133 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
827 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
145 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9857
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2292
794 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 725
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 510
2 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 741
s.tribalfusion.com — Cisco Umbrella Rank: 1813
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
696 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398
587 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 596
191 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1794
297 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313
457 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1367
350 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 614
98 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 654
464 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957
573 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
265 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2856
104 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
600 B
1 sci-hub.ee
sci-hub.ee
7 KB
0 kitbit.net Failed
kitbit.net Failed
0 pluso.ru Failed
share.pluso.ru Failed
164 35
Domain Requested by
21 static.criteo.net ads.eu.criteo.com
21 img.sci-hub.shop sci-hub.ee
16 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
15 pagead2.googlesyndication.com sci-hub.ee
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
12 pix.eu.criteo.net ads.eu.criteo.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
sci-hub.ee
6 csm.eu.criteo.net ads.eu.criteo.com
4 csi.gstatic.com imasdk.googleapis.com
4 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 cat.fr.eu.criteo.com ads.eu.criteo.com
3 onetag-sys.com 2 redirects googleads.g.doubleclick.net
3 c1.adform.net 3 redirects
3 ads.eu.criteo.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
2 r1---sn-4g5edndy.c.2mdn.net
2 counter.yadro.ru 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 match.360yield.com 2 redirects
2 x.bidswitch.net 2 redirects
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 sync.1rx.io 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 dsp.adfarm1.adition.com 1 redirects
1 pixel-sync.sitescout.com googleads.g.doubleclick.net
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 id.rlcdn.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 sci-hub.ee
0 kitbit.net Failed img.sci-hub.shop
0 share.pluso.ru Failed img.sci-hub.shop
164 48

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
sci-hub.ee
Cloudflare Inc ECC CA-3
2022-10-22 -
2023-10-22
a year crt.sh
sci-hub.shop
Cloudflare Inc ECC CA-3
2022-05-23 -
2023-05-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.de
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-18 -
2023-05-20
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-22 -
2023-03-26
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-15 -
2023-04-15
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-04 -
2023-04-05
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-13 -
2023-04-15
3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-13 -
2023-04-17
3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-02-07 -
2023-04-18
2 months crt.sh

This page contains 17 frames:

Primary Page: https://sci-hub.ee/
Frame ID: FAB8F375E9C5F2E85C2AC28050996699
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
Frame ID: D112ABEF470E0B9A5B2509B8AC2B8932
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Frame ID: 4681D1D41EE39DD35B920DB103652E0A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&adk=1812271804&adf=3025194257&lmt=1677590140&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.ee%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140271&bpp=2&bdt=442&idt=241&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=528x280&nras=1&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=259
Frame ID: CB486AFAD5AD8FF58C19059D61B277DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Frame ID: 67EB4450138706DA6B400B712A2750AA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Frame ID: 5BE25E1D04213FE0624CE6F258A37BB0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.3357258965~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=IW3VLjrhcV&p=https%3A//sci-hub.ee&dtd=17
Frame ID: 6817BE7943E7B56FC6DB372D945F3FF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Frame ID: 7F7D1B4D1ACDF9D175DC6C74165C9525
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Frame ID: A38573B4047411C14654707B5F7D2D24
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C11761B6F40C194063FC69159911FED3
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Frame ID: C22B188D556A68A45E10320DC25D7C3A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 450CA3B2CEBB784B95C1ABFE4EEE43D3
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Frame ID: CC5E7BE230FEF031792328630F5F4C92
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B76FF34D57DF4C236452A6DF3945F0FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 97E51653CC19BD0BD0F9FF92F8BCCAEB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCFC9103C6603AB5E2C824DA6BD6A4A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE7573F789538781BC580A259E059347
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

sci-hub proxy search links

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

164
Requests

87 %
HTTPS

60 %
IPv6

35
Domains

48
Subdomains

34
IPs

11
Countries

1881 kB
Transfer

3855 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 58
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH27xe2yRltccDZ_M-IL-8E&google_cver=1&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B
Request Chain 59
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEApryoqn5sDLoy3DXUA-byo&google_cver=1&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEApryoqn5sDLoy3DXUA-byo&google_cver=1&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI
Request Chain 60
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELJQd9_T-xkvSONh7-yOcA4&google_cver=1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677590141033 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3eed61f0-9e3e-4ecb-8299-14bcdfb741b2-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE%26google_hm%3DAz7tYfCePk7LgpkUvN-3QbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&google_hm=Az7tYfCePk7LgpkUvN-3QbI
Request Chain 61
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEwAZ5s_Qith5EZD24QkOKo&google_cver=1&google_push=Aa02lx-ixSB1bmN-p1efO6bFrcWXV0lEKCsdBcefIrk46eNq76UeVo2oCQjXRspELaGDksRyesEtboS0ZQ7Sjic2LLtovBnkaIpWpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-ixSB1bmN-p1efO6bFrcWXV0lEKCsdBcefIrk46eNq76UeVo2oCQjXRspELaGDksRyesEtboS0ZQ7Sjic2LLtovBnkaIpWpw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 66
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEr1y5mj89j0gjhED0iG5IE&google_cver=1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEr1y5mj89j0gjhED0iG5IE&google_cver=1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1kweMLN9Ra2u94j_dYOH0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O
Request Chain 67
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKdAinT73DScC6t5jnCOJuU&google_cver=1&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z5JV-Yvf92DPokzWiaCufhuDim HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPOVVUQUQtQy1EMlAw&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z5JV-Yvf92DPokzWiaCufhuDim
Request Chain 68
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_cver=1&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_hm=Y_3-fXKg8lNWE4tw2KwOkwAACHIAAAAB&google_nid=index&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34
Request Chain 110
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF8HcCTlVoz-D_BzB_OKBqY&google_cver=1&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-MhF-OKs7DED2DL7MC4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTE5NDc5MTY5ODI5OTAzNA%3D%3D&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-MhF-OKs7DED2DL7MC4
Request Chain 111
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELej5rWGkYscRN5ObETjm_U&google_cver=1&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELej5rWGkYscRN5ObETjm_U&google_cver=1&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg&google_hm=ysRfBwOOQfSLYByX9REQHQ==
Request Chain 112
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAJys-oGhVhQkjwDRjqtWVo&google_cver=1&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU53D9e7xw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU53D9e7xw&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B
Request Chain 113
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGhcjK5x5u1CQ-LkdDHJ0I&google_cver=1&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1JLajqOXckQsRna4EKxNoWhYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1JLajqOXckQsRna4EKxNoWhYQ
Request Chain 114
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPQdZSR8AZjoHrxtwaTx8UQ&google_cver=1&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIcNFsO8vPrp6U-B-Znv0M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIcNFsO8vPrp6U-B-Znv0M
Request Chain 115
  • https://match.360yield.com/match/ebda?google_gid=CAESEO1fyBEvnb5wyyOGTbHMu_o&google_cver=1&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO1fyBEvnb5wyyOGTbHMu_o&google_cver=1&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mqgDzd31SHq492zdVfUpSA&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY
Request Chain 144
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
Request Chain 150
  • https://gcdn.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/65D67AA869028178B3D9DC96ADBFFDDFE0727791.3184E4810BA62D8784EA6E970A82C3847656634C/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13E50141EB0357037436C611723767F410760C54.5F53ABCD2977D60F24C99C70559789823872E2E8/key/cms1/cms_redirect/yes/mh/o0/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edndy/ms/onc/mt/1677589583/mv/u/mvi/1/pl/29/file/file.mp4

164 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sci-hub.ee/
27 KB
7 KB
Document
General
Full URL
https://sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b159fa8e90945bc80cd1c0757eef0c2ff67540dda47318beff5be8b70df10642

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=43200 no-cache
cf-cache-status
DYNAMIC
cf-ray
7a096e22cee3914c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 13:15:39 GMT
expires
Wed, 01 Mar 2023 01:15:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DnLYeNeWsbgewm681fQKK0%2Fi8HrDOCj1VxhOQwwBoVT%2FibaGetQ6qz8bvm1Y6nWobtXDikNW6Y0uleC%2FNWgkHnETG53f00ihZ3qvvETiBWZUNsBvtG0jKhBBuZILWklfVlKnA6erhQK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-cache
MISS MISS
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/
85 KB
31 KB
Script
General
Full URL
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
454746
etag
W/"5c00bb7c-152b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPR%2F3MC0vvrPZvFew8ggbhcERQT3lvBcZGwGaucArHgMlHni0quQXVAi43D9ThyZHIDyVxTn6zTVZEpaiQei6iYjWdnafw79iZkadiiUylEEv1e99L9ez7ZXImXnVrES0dJZRKh%2BlpHSWLceHL7W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a096e26694d368c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 18:56:33 GMT
jquery-ui.min.js
img.sci-hub.shop/scihub/
248 KB
68 KB
Script
General
Full URL
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Dec 2018 08:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
454746
etag
W/"5c13665c-3dee4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fq6kQKQuVDZ%2Fm7EGWWJ4Eihgccyjhfz1vL8SheQCSEdceZiivfR3bDBDXvkP99YNjbIGG7KJnx2b7CML2nZDVnAbS8nD2nVT5wLGX1d1oLHCEL1yxaubQ35NNxVKRgk2SQAcwsEbAmbQYFqGV1Yl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a096e266950368c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 18:56:33 GMT
openapi.js
img.sci-hub.shop/scihub/
94 KB
23 KB
Script
General
Full URL
https://img.sci-hub.shop/scihub/openapi.js
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
454746
etag
W/"5c00bb8c-1798d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Fpn%2FgovBUReG8BjZhwr1r%2BjtjJ9SS3TRTjAaAzA%2FjhFsmRosDaxL503o3wvZkY5RJRbHLjMT3PMVo%2BxrTBH6NQfqWkj4qxI86wCCcXeIYPgxhNeiqvVlPgt6JwiU%2B92Lw3ZRz5U%2BdL4TeZC0c2q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a096e267953368c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 18:56:33 GMT
medal.png
img.sci-hub.shop/scihub/
22 KB
22 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/medal.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454754
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22275
last-modified
Fri, 30 Nov 2018 06:13:38 GMT
server
cloudflare
etag
"5c00d512-5703"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXC8bQpB8hGbcl25b3gsFNhs2gSMcppA%2BQWjVc4Vk8eCjRYTFsNSqDH6jcfdRGNicXYWuCmkTRNAT0GCSL%2F2BwLGDt3AKOh%2B%2F22h9evWU1NWYl6vN5dBskorm2yN63O3y3MdaFyFRBhx599b%2BqWD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e26d9f5368c-FRA
expires
Sat, 25 Mar 2023 06:56:25 GMT
key_1.png
img.sci-hub.shop/scihub/
8 KB
9 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/key_1.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454754
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8428
last-modified
Fri, 30 Nov 2018 06:13:40 GMT
server
cloudflare
etag
"5c00d514-20ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUdY9xa8WXf8cnSXE6S9itOFn06XjSb8fAM86saQOcFTGocxV1a8V%2F1sL8%2Bqu6KC4Lqe1pXr4iFYXoUtAqduWNxpcuPNhz6eEHKsr%2Fmg8mrNeAGkQo6HIqg31KhwZ8GxHoXMiz5zRLWDN68CNet3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e26ea0d368c-FRA
expires
Sat, 25 Mar 2023 06:56:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81a140499570e360cb09d601f7eb7da3a865abae6516013f7b0f7777dce9591a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49470
x-xss-protection
0
server
cafe
etag
12161527375708763004
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:15:40 GMT
top-back.jpg
img.sci-hub.shop/scihub/
184 KB
185 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/top-back.jpg
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
188646
last-modified
Mon, 16 Sep 2019 12:17:02 GMT
server
cloudflare
etag
"5d7f7d3e-2e0e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJMznr4tYjsZmN%2B7wfue7RWdQvGDd%2ByukVvzJy2hPGlF9a3INOwBZhwVNGCafCNrp%2BaN%2FMP0dLZi1Szk6l%2BdmQ02BWF65jdv9Nm%2FVtpQzMJcKQoebGWzaAuvri67m1CEYboEllRyEaVeP5vHG3pT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e271a7b997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
logo_en.png
img.sci-hub.shop/scihub/
14 KB
15 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/logo_en.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454643
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14556
last-modified
Fri, 30 Nov 2018 05:56:38 GMT
server
cloudflare
etag
"5c00d116-38dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAQ8ujrrUHPBUHp9h3UjtpsifHid2Toik9BP%2FjpCwXF5auh3GvIL4SeCPur6bB1ni2K7RLJCZ1KSqOIa0VbCEMKTas5VfNtDUGWOVN32bh32zRESHFEhQmRG1LRP1dXhmVNprmlaFyJIq5KYwuys"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e271a7f997b-FRA
expires
Sat, 25 Mar 2023 06:58:17 GMT
raven_1.png
img.sci-hub.shop/scihub/
59 KB
59 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/raven_1.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60144
last-modified
Fri, 30 Nov 2018 05:56:32 GMT
server
cloudflare
etag
"5c00d110-eaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWCgWdpgcPv7l2Htp3Oj6nswlskkpHQ7aGmIDHWltECh%2FHbNhivn6eka3qHJkFRKQUgNTcbWsLxxdenFUXFrKxt0QoEi7RpFwoBxPsAL%2BXcpczcyMMw6C4DFzNjYg1r2gClWeMaXydEf%2F5gYAJO3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a8a997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
map.jpg
img.sci-hub.shop/scihub/
54 KB
55 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/map.jpg
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55605
last-modified
Fri, 30 Nov 2018 05:56:52 GMT
server
cloudflare
etag
"5c00d124-d935"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxlqy2z5jOxbOKEC3ost88Mb0PKeC2SEKxSvASkMG%2B8Z%2FrSLO6XvvCDSxlOYivmimoFqcXrBVAjnX%2Bz8xhjEQYo4QC9nzyBBfFMONr50oS4iYbc4jSCH5G9SrGJV5RuJM0doB3Qm8gGLLTS7fv4F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a8c997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
about-marker_en.png
img.sci-hub.shop/scihub/
3 KB
4 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3361
last-modified
Fri, 30 Nov 2018 05:57:02 GMT
server
cloudflare
etag
"5c00d12e-d21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhkucc0zCPcxTYAuOrgEZMkCtbvsr%2FRwjno6pA9oFS%2Fn4BzJCPoOsWN%2F8bSm1kZdGbf%2FUOnrwBGrTiissoEw%2FivWGP6Pgw0D04saByMya2goBZEQdmDfr8u0XrAiargBwZ8CgKlFQgGhYoF5fwwI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a8f997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
quote.png
img.sci-hub.shop/scihub/
1 KB
2 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/quote.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1068
last-modified
Fri, 30 Nov 2018 05:57:12 GMT
server
cloudflare
etag
"5c00d138-42c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rNKrXOadafPsP%2B116FpRNoIMnqE%2Fy9EuaZnsOJ4%2BkOUrWsUtzpAVFRTD8ha8eVNN%2B8lHMsC0OtoF6zs%2BdMhkd6RgARIE7JJ4XYMn0E5qx4ASNWiFUp4lqMBCCFkruafazDASXkhvjgiIvQwDatE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a90997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
quotenext_en.png
img.sci-hub.shop/scihub/
1 KB
2 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1087
last-modified
Fri, 30 Nov 2018 05:57:18 GMT
server
cloudflare
etag
"5c00d13e-43f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbA1g1%2BhabZLs9mFXM7s%2FuMyEXv5KJ4k352E%2B4TwrSRID%2BUKJxhfoSwyvHf5S5PgifxZQlBhP2vrJswCZSPjU%2BIgTJ1CtPL64%2BXJTUKd%2FAlL1n1W5KwOrE98ZJI6G9sqbhv%2BMWt3AKZSODmQDmTh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a91997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
pone.png
img.sci-hub.shop/scihub/
2 KB
2 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/pone.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1637
last-modified
Fri, 30 Nov 2018 05:57:24 GMT
server
cloudflare
etag
"5c00d144-665"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSfO38lDV2szMQBAaoJGadTkeTDNV12B5dl0tQcCmqcaP5XbQ%2B7ZdvXkDDPMPD%2FRjOqMbYK%2BfpCdPJj%2FjXrpBNqog3RQGmXBdcpsyiVgCf779KwkeNFj5dC6JyTec6987r92xI5D53Kt3gV2uRnZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a93997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
ptwo.png
img.sci-hub.shop/scihub/
4 KB
4 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/ptwo.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3907
last-modified
Fri, 30 Nov 2018 05:57:30 GMT
server
cloudflare
etag
"5c00d14a-f43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSIqvCu1lLKCyCDY47whX20oKb9%2BIoEzYORgCxJIYZd3XywMmFlq4P30R95VdxrLo7cJOo%2FUWir7%2BIQuPskFLM%2BkO3xdVhNKlv7G7hrwZ0lKWVA2Xpp8N7mvkuesqz80Mru0yybOYFy%2BW1lRHQdZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a94997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
pthree.png
img.sci-hub.shop/scihub/
4 KB
5 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/pthree.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4278
last-modified
Fri, 30 Nov 2018 05:57:36 GMT
server
cloudflare
etag
"5c00d150-10b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9h9VfK1mxCM53ok7TrdE0SD4u%2BFaW2vnk6wfwu6f%2FeeW3APeGsN542Ol7npYOWMm89569rGVrtedNndTOZJTI%2Fj5xeGa7XySYEyujfXprYUKw8U0MmRWbi%2FgkDLU0%2Bduh3GYbSWbxldS91PZC0T"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a96997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
people.jpg
img.sci-hub.shop/scihub/
50 KB
51 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/people.jpg
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51212
last-modified
Fri, 30 Nov 2018 05:57:56 GMT
server
cloudflare
etag
"5c00d164-c80c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRZYV4Az3YblmtVFq4XkOYL9yxUA5Hiq379bgf2EOVOLfk7ufhlrfxmRdE%2FzCIx1I2S0r6hZUWltOvSEp9BISsQRLMl0WfXSLGImMhd4Bl%2FAC8dNmv4GYzHUIfGHzqmWrsEQOvZ3GD1OrYQcczER"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a98997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
join_en.png
img.sci-hub.shop/scihub/
6 KB
7 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/join_en.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6197
last-modified
Fri, 30 Nov 2018 05:58:24 GMT
server
cloudflare
etag
"5c00d180-1835"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn7ZoY2qdIeaEpR1OXKdkVaysx%2BwqIviPfPMD833wa9ULBynkO8vPSYrmeaeQ0Gq68oiIsJUkeMQhne9StwQcGAikg63kYwQbv7bztuB05W3Sz%2Fy3WCGr7Ciwt%2F%2FzgPbYWe%2B9BD3TGKKv%2Bwyh4ns"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a9a997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
joinvk.png
img.sci-hub.shop/scihub/
17 KB
18 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/joinvk.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17834
last-modified
Fri, 30 Nov 2018 05:58:30 GMT
server
cloudflare
etag
"5c00d186-45aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKWz0kY5e%2B5okxOK43Cqc3wJKZdG03v908isj4ZmwPn%2FQkN6YGt73oridGj00T7lSpe9Fc96nAxr%2F1xGys6HPnuPPOcv9SNW29vwIBb%2BWtdcksehEJhJFXOaIyW7mszuceSkDY8R4wbMHrOJfo1O"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a9b997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
jointwitter.png
img.sci-hub.shop/scihub/
6 KB
6 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/jointwitter.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454643
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5751
last-modified
Fri, 30 Nov 2018 05:58:42 GMT
server
cloudflare
etag
"5c00d192-1677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDK4VYHwblJiiOKUA6UzZrcGuvwAXyKsFYN8Ym%2BFd0PuHxj6pGX5v20652ibUZA5%2FXo2B4lvKCJtE%2BfvqGRfoQg7xeKN1%2BygXdp4jVGvTLuDXAENCgEov8sxW5zFHLZd5HCLImjrKaXQ8t87eNHj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a9e997b-FRA
expires
Sat, 25 Mar 2023 06:58:17 GMT
joinfacebook.png
img.sci-hub.shop/scihub/
4 KB
5 KB
Image
General
Full URL
https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
454366
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4152
last-modified
Fri, 30 Nov 2018 05:58:36 GMT
server
cloudflare
etag
"5c00d18c-1038"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLlPJ1pwCsviVboZp0aSope02CWDghLhqqDsECGiUCjHa3W14v%2FK3%2Fynvhf2oSaRMoJelrh0sIYeiWyR4eOm7E4kgG%2BK%2FgJCyFRVeqvA6eaF%2Bq3dIcupqaIa%2BelHKVnIzLizMKyAdAS1NPCjp2oT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a096e272a9f997b-FRA
expires
Sat, 25 Mar 2023 07:02:54 GMT
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/
0
0

pluso-like.js
img.sci-hub.shop/scihub/
41 KB
13 KB
Script
General
Full URL
https://img.sci-hub.shop/scihub/pluso-like.js
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
454764
etag
W/"5c00bef8-a5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXhSS82m2muWc5P0sBki1nCEJlKHjT84foX9TfZk8RjhmxbJErgpv3c%2FX%2Ffb%2Bw%2Fh7rAkgXxsrQvLCuoEDKkS1OIVjaRBcyZJfuq%2BkXTJ%2F6t0jxnGLis9phvtTKxnryNLWKAqs6Na2YIJ31v9cuVt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a096e277afb997b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 18:56:16 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/
366 KB
121 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4233fdce81ee4f6a870a666984670d6139c6293203c8f8ffaed1a6edfc8098aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123270
x-xss-protection
0
server
cafe
etag
9262178888797325166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 13:15:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/ Frame D112
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 20:30:30 GMT
etag
2378337311435320485
expires
Mon, 13 Mar 2023 20:30:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
387 B
600 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.ee&callback=_gfp_s_&client=ca-pub-5451336487934366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d556eccf38e1ad4e2040e7c4be64a72a166d344b1ed51f132046f237951b331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sci-hub.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sci-hub.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4681
72 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c128b791b2088905685740ca5d3a2042d8e92f80a4c18c3ba3f24ba26065c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
23646
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Tue, 28 Feb 2023 13:15:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CB48
2 KB
664 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&adk=1812271804&adf=3025194257&lmt=1677590140&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.ee%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140271&bpp=2&bdt=442&idt=241&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=528x280&nras=1&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760f0378a60ceb9aaf46bb32b3f971187cb7f7c15e7f6c16a45e3015a4f5f1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
464
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Tue, 28 Feb 2023 13:15:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sci-hub.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sci-hub.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 67EB
26 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
591e3eb39b18c9b5a89a3b1abc73d76b738ccfe6fbf9aa987a44f17f98a751c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11901
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Tue, 28 Feb 2023 13:15:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5BE2
26 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c86f9e13582b1dd6eacabb3ab6f7c75a8403cc9dd0eef69c0a7a7e28bc146c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12219
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Tue, 28 Feb 2023 13:15:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6817
430 B
230 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.3357258965~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=IW3VLjrhcV&p=https%3A//sci-hub.ee&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d169c9f71196ce767a338dbc4306f2142c880ecfb3be8a50d68f205a2844be3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Tue, 28 Feb 2023 13:15:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F7D
26 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ab648d9a24739ec1925514c55be50352eb98446017057d094bb1dfe5f9079af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12190
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Tue, 28 Feb 2023 13:15:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-5451336487934366&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230226_093409&sat=1677575829325&afm=0&as_count=1&d_count=0&ng_count=0&am_count=4&atf_count=0&mdns=0.048&alldns=0.239&allp=9&fd=(0%2C8%2C7)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=5867&abl=false&rr=n&su=sci-hub.ee&pvc=1281987990408366&r=0.1&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 5BE2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
7589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 5BE2
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
7589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:11 GMT
l
www.google.com/ads/measurement/ Frame 5BE2
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYzGM3WMuKocQBgyoNLt5z119bwl7ftwbhBZzEqAccrkd8e7qm3x2sDWEYKLv98ihwX55qIxoIKWXWfesX6kPpQqfE8Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BE2
158 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 13:15:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5BE2
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CpJ28fP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLUBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjBTSA0pYcdv8jqKGeYQ0SPBc24z_YRaCl7wtiXcmPCQ8CfLxbx8FoAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTQ1MTMzNjQ4NzkzNDM2NhgA&sigh=gJT53P1m7h8&uach_m=[UACH]&cid=CAQSOwDUE5ymUw1UbQoityRWEC22RS9jI89hjYzeXJuffsNGq22DW18sUPmHmUc8ekzXGOAdGYsqvxnOPSCxGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5BE2
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kNL1Fcz6RLAJmAKdg2ICAgAAAE6MsNyRbyQ_EHz-_WPgPuVElc81Sn4pAAASAAAKDkFRVURCUVlCQlFFQkJR&wp=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
280306
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame A385
119 KB
42 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ac916e2d317e4ff09b704a61c5664fc166e74179491d60cc17d95f482afc2a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hqmh1It_G4ZXIPG8tSmTe63h3HKkM2PW47DByjFmt4H7F8qZlqtZCymCNCRy_N7J7S7b8bD6jgL-jSshukwlL2N0Q_CRJAqS5zhJnmPxIadjda6UeQQ-75r9HMzvMf0PuUh-FUW0Dkz_q0YAfk7F3DbTaltbeqV4ucS-qSaRHISs5dKzdvUp5h01A10yj4wJY77kr8L5GKs2nv3m2XWX31l0JaBAdYbI1CotVaFedWkIjxFUIElj9kRKCl4"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
25682202
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C117
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 17:13:05 GMT
etag
48472445140208031
expires
Tue, 28 Feb 2023 17:13:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7F7D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
7589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7F7D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
7589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:11 GMT
l
www.google.com/ads/measurement/ Frame 7F7D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTY9fLIGGZNd19_-u8LoBem5kHijZQX-nDpgeFb-ZfUX_5T-3vgtbrKSv-oq_aBR1CP66eiXXbvbvJmFpGOveJCkfdeVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F7D
158 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 13:15:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=3809598800&adf=4061442901&fmt=1200x280&str=true&ad_y=3320.96875&vph=1200&r_nh=0&r_ifr=true&qid=CIPgqKOmuP0CFbpmFQgd9Q0KcA&w=1200&h=280&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fsci-hub.ee%2F&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7F7D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CY0_-fP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEtQFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFSckJb4WYjH6_yhTfJf41TtT6zOsCJ5KcjY2h63QK5MzUJNUjmvGxJgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NDUxMzM2NDg3OTM0MzY2GAA&sigh=G2cfdk4lGDk&uach_m=[UACH]&cid=CAQSOwDUE5ymXjdNaSrLhmV1vBsts9CQkGHyv7euKONkMFYrnsO1RVqV9EHkaj9M4Ij7ydGRKJtPUy7mPeYAGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7F7D
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kNL1Fcz6RLAJmAKdg2ICAgAAAE6MsNyRbyQ_EHz-_WOPU7odkGsYrICCAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
267916
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame C22B
120 KB
43 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6a361f91395f1de8036b86f4b31d34814cc4f7c2109cb2f9192a0fb26eb4dfd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GZsyuYt_G4ZXIPG8Vzxb4c_yXFHXJMmSiEg_3OyML_5kXjlmgy5Wv6HzlegUSEBn_6oJg_KOCaDVbhBT1oHqHTfu-CPDsCcE1HMDbHokWahjKigN_M9t4wGqIusW-mIzVACl0gHtcmRnZGXdRaJE5bgToCX53ZGwj107PhcELRR998tCFVGNZIn05_5-ZyJ3jl61cpVbU99cBP9-3Hy7yyExWwCcb0ipdCgktCp2odJTyyuQmCWvomS8s3c"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
19020992
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 450C
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 17:13:05 GMT
etag
48472445140208031
expires
Tue, 28 Feb 2023 17:13:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame C117
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJdNGG6EOcxg1jHbdHUS5hY&google_cver=1&google_push=Aa02lx-Vz3XJ1MT45kaoaG-RM6MlVJJ3Qpztp2-rB6B9iDWDl8Lv62oFqoPU6VhAnGnH8WvgSj0yskb3K5_3vRvekOtj4EiA3hGv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame C117
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmr...
43 B
412 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a096e2eede23684-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1096
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7a096e2d6aff3684-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame C117
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBMmIYWgqMECcpuRS7Gu0-Q&google_cver=1&google_push=Aa02lx-UhsCB113wa9DwrUhFcoEyBkif2WBkELHCVEVkW3kmX4-muY5oGhcxM-UWPiehJ_e79SK0IZ75AWHxLUPpW5jA71o5d54
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C117
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH27xe2yRltccDZ_M-IL-8E&google_cver=1&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T&google_hm=eS1VMXg4bDNsRTJwRnhqNj...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame C117
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEApryoqn5sDLoy3DXUA-byo&google_cver=1&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5s...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEApryoqn5sDLoy3DXUA-byo&google_cver=1&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C117
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-3eed61f0-9e3e-4ecb-8299-14bcdfb741b2-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8UT9ZIbMx4xeN6PsYKd...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&google_hm=Az7tYfCePk7LgpkUvN-3QbI
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&google_hm=Az7tYfCePk7LgpkUvN-3QbI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&google_hm=Az7tYfCePk7LgpkUvN-3QbI
date
Tue, 28 Feb 2023 13:15:41 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3eed61f09e3e4ecb829914bcdfb741b2003
content-type
text/html
/
onetag-sys.com/match/ Frame C117
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEwAZ5s_Qith5EZD24QkOKo&google_cver=1&google_push=Aa02lx-ixSB1bmN-p1efO6bFrcWXV0lEKCsdBcefIrk46eNq76UeVo2oCQjXRspELaGDksRyesEtboS0ZQ7...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-ixSB1bmN-p1efO6bFrcWXV0lEKCsdBcefIrk46eNq76UeVo2oCQjXRspELaGDksRyesEtboS0ZQ7Sjic2LLtovBnkaIpWpw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C117
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Irwg6JolS0zCG36saiZ0tZDBAgXI6WWi7KaxXW5OrBmNzap1pP2oc7rWMz_UifkrJRwi9_5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 450C
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEDBSUqxJNTUxe7IpgmV8RY&google_cver=1&google_push=Aa02lx9ebzaGQUgwDk5Ih7-LgBlQsI100OoqrB3VLsgnFGg55-VlPaq5p9VS7Epw7OYbt8ZVQcGbptnVshDPA4rByvgpzc9UPaY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 450C
0
98 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx-NoYql6lcVBzjRn9G5_dEUZR5w0iY0pJtGg4pW_5VVPeD5YJ-GRcZbKC5l1tPo7zY-OEJxoRiAYl-yi9XFPb9id46u6SZP&google_gid=CAESENkeWZqmFeBkN5fceM5ktGA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 450C
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGKJOJDw0UTB9AtybVwlehk&google_cver=1&google_push=Aa02lx-2MBDzHH6FSOvE_WJ3C8-g3kMHOkEKs-UpZqyvV46eTR9Gpn54vndAgUcBzNFTeOn5yBIZWx1pjkyJMP4iHOGNB-Tk07z9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:40 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
edn4l5thck11nh32hlnq46tk3oip2lra
pixel
cm.g.doubleclick.net/ Frame 450C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1kweMLN9Ra2u94j_dYOH0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1kweMLN9Ra2u94j_dYOH0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1kweMLN9Ra2u94j_dYOH0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O
date
Tue, 28 Feb 2023 13:15:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 450C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKdAinT73DScC6t5jnCOJuU&google_cver=1&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPOVVUQUQtQy1EMlAw&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z5JV-Yvf92DPokzWiaCufhuDim
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPOVVUQUQtQy1EMlAw&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z5JV-Yvf92DPokzWiaCufhuDim
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPOVVUQUQtQy1EMlAw&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z5JV-Yvf92DPokzWiaCufhuDim
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 450C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_hm=Y_3-fXKg8lNWE4tw2KwOkwAACHIAAAAB&google_nid=index&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yL...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_hm=Y_3-fXKg8lNWE4tw2KwOkwAACHIAAAAB&google_nid=index&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 13:15:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_hm=Y_3-fXKg8lNWE4tw2KwOkwAACHIAAAAB&google_nid=index&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
trk
ag.innovid.com/ Frame 450C
43 B
297 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBMgLIXBS4tYpbsw6Te6d74&google_cver=1&google_push=Aa02lx8cS5MiCZbWGBC6ICgUlo71vRnqf47O_4XXGgV7hGk_7_5Weqb5cRQD9XipQPmuB9Y4VvhCnkVPl5ksjck_cpZugq9n66o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:80ae:1ebc:7401:1031 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 450C
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ijy7XNui_oQvPWx-lMkiHSHMF1xVY_S1NUk4q13wJsUfxnEg560DTeIeFDCStbo-m8PHEA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 4681
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
7591
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9122
x-xss-protection
0
server
cafe
etag
6330344511044705610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:10 GMT
css
fonts.googleapis.com/ Frame 4681
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:36:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Feb 2023 13:15:41 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/ Frame 4681
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 11:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2798
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 11:39:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 11:28:52 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/ Frame 4681
378 KB
129 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e73b62d76def10576a592ea3a79436973c1cc13c0e64536609c1e0ca816dcd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 11:28:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132104
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 11:39:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 11:28:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4681
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
7590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 67EB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
7590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 67EB
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 11:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
7590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5959907985313552934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Mar 2023 11:09:11 GMT
l
www.google.com/ads/measurement/ Frame 67EB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnAVo0JVCu03_M0zUxY8CL-7C9dtpyIl2eEdwW-44l5NfdC9boT_wDqjyvisbRah_gaPvC63vg3iFxSOPCE0PrpeRuWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67EB
158 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49360
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677501794595172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 13:15:41 GMT
truncated
/ Frame 5BE2
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37c3e09f74a18df5356939a9fe79294ece2fa111711e6f4b565fb2bcb1f00de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7F7D
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
475d9f9239506ff551d4b2eb82200be31fd2b7b50416bb58cba715ec0043277c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 67EB
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkLNgfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS1AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3QlevYujFRq1tT45uA6B5spfTv6ssawMY6r0MPAKAdATl5bj7xMzmABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU0NTEzMzY0ODc5MzQzNjYYAA&sigh=vpC1qJj1z10&uach_m=[UACH]&cid=CAQSOwDUE5ymx7ent-tJQiBHYrHOjr3136rkdigvS17d2a7GdT0gyL5DrCqgw3bGJGu9O0MaHWIiaiEw6JwmGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Feb 2023 13:15:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 67EB
0
0
Fetch
General
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kNL1Fcz6RLAJmAKdg2ICAgAAAE6MsNyRbyQ_EHz-_WOkHxPDp66kUgZ7AAASAAAKDkFRVUJBUVlCQVFFQkFR&wp=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
180729
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame CC5E
116 KB
41 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6da5fe27003264096969c620fa2b398b8a33ec33f5f1f848098f53027c8692d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-jo-WIt_G4ZXIPG8zVUTo7uhSPhxqenrrBoWqr6Gn7NzuSEvgOskN2Fs6GQCplUliEgyDNJJ4YUqA9i7nmMM92zA_28v83aNRSidWBkL5M128aRoO1CF6rNTaudjA8LvBzhUdg1UG98pT9U0iFVUA16FZST_HT3hT_L8pWDPRv4On4Ck-U0g7flcU3T74GvmvL0Sqc5qFC_q2hft0eTYC8dntHQTdspB4lW4-1thi-S2WviR_rU4DslNyfVxCbPwQkkDhw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
24327035
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B76F
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 17:13:05 GMT
etag
48472445140208031
expires
Tue, 28 Feb 2023 17:13:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame C22B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C22B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C22B
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 13:15:41 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C22B
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 13:15:41 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame C22B
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=msPRzYRArgRO5qpHKZiFUyyWS0928m41bPRhKXIzTOX87GWHKY6kZN7UlIpBBtFyWTZ_Fn2OKC3cgwrEbiPbWiQBb87aCpB8GJDXvmy2iQ9hAW4v-RDrbykAGwIDBUWAkf1FkxXc7NQQIanK1BsLaJrFNIPf9U27G-C35T_BJKbALAu8E2Ukg8r4EyX4lzSM3UOLLhcTjKzvPsPa3OqaWGwLGo9YKn7y93KDasow3RUTvjxtg5wPTg7scy8vnBuyBdhxwg0VRDH5qmdUR0TmKOkZ0JFow3eYGoNZo7jgeEOLnEnEz744GXOvTwXE51bcPFxMrL6EbUdKVQEMWdSkMQTlaFAx_ilmjLNF4UhEozglRjHaR9cMZ2yFK5PsZzZ-c_sQkYU7LteR-7uUko6N33YAZwTgj3F_RFVvNv9lySZDy_oo
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2817852
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 67EB
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a9af4aa5b71b6c5c2902f37cd661bf3b3c3f99bfc628e1f275721bf389b6235

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame C22B
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame A385
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A385
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A385
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 13:15:41 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A385
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 13:15:41 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame A385
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4omtW4RArgRO5qpHKZiFUyyWS0-1ZQRgfhlGM6_kB76O6-ZjdnzFP9PM30yLQQMQQyhllC70JZ6hyOKGfKcVAMX8w033X5-ZQyoH1lfwgIdg5MCQduS5MQzbh-BgOqedzEYCs-ITdr0eBozHyYo_QKWl9Nwc_t1DlQ0qGGwAmHtODs_JAmueTfS0Q49lXtiAG_xn5U6XD6EWZvoYRZ2VjpLIN3aQhN_0bmUrkiB79uKUXN7EDyiamhPmvtMMV0g3lNB7gTbFGk3_ItwITKrUW79ZFoCCXxRMPkq2wznTCYwNmxS68SEgU_fXAYcmQE7Reeymu7SQZvt8x0X-76wwc7vsdc4d6OrQuDyMqdOzVA0RABkfEegZObIf1DftR8kcWkpXclgdkNu8XiPv3ufYayUUIJ8sOQMMwndKsII9NUY5VvTp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2748836
expires
Mon, 26 Jul 1997 05:00:00 GMT
img
pix.eu.criteo.net/img/ Frame C22B
35 KB
36 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=476&m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2Fa1ebe3994b2141578e12fde9e1c2e868_d058dc76c97c4065961403892f419795_apollo_logo_1000x500-weiss_%281%29.png&v=3&w=482&s=kzwUabGX14-9_0CIAeqHQTMf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dfb8f3250f2f7011a111594d5e95451b57320e51c90737db903f00ffbb2c9caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36128
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame C22B
37 KB
37 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2F9ba23d61df01487ba7a0a4d3cb6f3013_1200x628_valentinstag_banner-iwear.jpg&v=3&s=9yjdy3RVE2R8DY1K1n4cQjui
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6b522b7a7d628088bc48ca5eaba8271071b820fa816c16996ab47e6b6e69d28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37540
expires
Mon, 05 Feb 2024 12:02:02 GMT
all
csm.eu.criteo.net/ Frame C22B
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=GZsyuYt_G4ZXIPG8Vzxb4c_yXFHXJMmSiEg_3OyML_5kXjlmgy5Wv6HzlegUSEBn_6oJg_KOCaDVbhBT1oHqHTfu-CPDsCcE1HMDbHokWahjKigN_M9t4wGqIusW-mIzVACl0gHtcmRnZGXdRaJE5bgToCX53ZGwj107PhcELRR998tCFVGNZIn05_5-ZyJ3jl61cpVbU99cBP9-3Hy7yyExWwCcb0ipdCgktCp2odJTyyuQmCWvomS8s3c&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C22B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C22B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CC5E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CC5E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CC5E
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 23 Feb 2024 13:15:41 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CC5E
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 23 Feb 2024 13:15:41 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame CC5E
43 B
347 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=BEmFyYRArgRO5qpHKZiFUyyWS0-VBODvV0A2Ueq4OxK_-YvRdnmoMcfn2P5PFWWsqrq2ekDZ67DX1dMhoXJJBXrW0LZGOAnAI_fMzaUg6oTmfibFhp1JTSrs0YJQc_t1blUg96vLBdWRAUXK6ZEYjbYj-cLpkk-Snl5PVr93OWJdlTRSyYqY0ca23WsJGCb5caQzz6kck5wu61QccHXINlnL46C6yfupNgm0tKx23LN6beaU7TPMVSVMdQ6QMLJwwHadRHC-cHMNYgGARmLGtmHLakUxfxmrSyOd3D8GGJ1o9SP3M6JMwPsp8MZU-TC54ZQLcKQsAP0LppeuF6iqP3lLb77Zc5oWBUsKh-WIp3ra2yRWSuYbXIYKmbYuvus8e5iEydMR4kRkiNH0lOMSw8KnLtcWQ5sHk5LPSEZ6ucsZS7eO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2964128
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame A385
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B76F
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBq5BzOnpZygjVvHONMij6Y&google_cver=1&google_push=Aa02lx8lHozCe-68M2RtIiWknuw2FxhMNNIe03vQT8_EMV2GiSoCwBIuZryuXzImtwwRgeeee1atdERiWaKjekUguz4t6goDY9mBdw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 28 Feb 2023 13:15:40 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame B76F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF8HcCTlVoz-D_BzB_OKBqY&google_cver=1&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-M...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTE5NDc5MTY5ODI5OTAzNA%3D%3D&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-MhF-O...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTE5NDc5MTY5ODI5OTAzNA%3D%3D&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-MhF-OKs7DED2DL7MC4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTE5NDc5MTY5ODI5OTAzNA%3D%3D&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-MhF-OKs7DED2DL7MC4
Date
Tue, 28 Feb 2023 13:15:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame B76F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELej5rWGkYscRN5ObETjm_U&google_cver=1&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqT...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELej5rWGkYscRN5ObETjm_U&google_cver=1&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg&google_hm=ysRfBwOOQfSLYByX9REQHQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg&google_hm=ysRfBwOOQfSLYByX9REQHQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg&google_hm=ysRfBwOOQfSLYByX9REQHQ==
date
Tue, 28 Feb 2023 13:15:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame B76F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAJys-oGhVhQkjwDRjqtWVo&google_cver=1&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU53D9e7xw&google_hm=eS1VMXg4bDNsRTJwRnh...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU53D9e7xw&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU53D9e7xw&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame B76F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGhcjK5x5u1CQ-LkdDHJ0I&google_cver=1&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1JL...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1JLajqOXckQsRna4EKxNoWhYQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1JLajqOXckQsRna4EKxNoWhYQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B76F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPQdZSR8AZjoHrxtwaTx8UQ&google_cver=1&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIc...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIcNFsO8vPrp6U-B-Znv0M
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIcNFsO8vPrp6U-B-Znv0M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIcNFsO8vPrp6U-B-Znv0M
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame B76F
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEO1fyBEvnb5wyyOGTbHMu_o&google_cver=1&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0P...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO1fyBEvnb5wyyOGTbHMu_o&google_cver=1&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lL...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mqgDzd31SHq492zdVfUpSA&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7l...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mqgDzd31SHq492zdVfUpSA&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mqgDzd31SHq492zdVfUpSA&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY
access-control-allow-origin
*
date
Tue, 28 Feb 2023 13:15:41 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame B76F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHRAND5YQ6Rn8FS2gIsJa4LR-nNqv1s59tEEkdfdUmQJU2AE6KtS789ke8fpgDA91opnnZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame CC5E
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
img
pix.eu.criteo.net/img/ Frame A385
35 KB
36 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=476&m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2Fa1ebe3994b2141578e12fde9e1c2e868_d058dc76c97c4065961403892f419795_apollo_logo_1000x500-weiss_%281%29.png&v=3&w=482&s=kzwUabGX14-9_0CIAeqHQTMf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dfb8f3250f2f7011a111594d5e95451b57320e51c90737db903f00ffbb2c9caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36128
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame A385
37 KB
37 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2F9ba23d61df01487ba7a0a4d3cb6f3013_1200x628_valentinstag_banner-iwear.jpg&v=3&s=9yjdy3RVE2R8DY1K1n4cQjui
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6b522b7a7d628088bc48ca5eaba8271071b820fa816c16996ab47e6b6e69d28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37540
expires
Mon, 05 Feb 2024 12:02:02 GMT
all
csm.eu.criteo.net/ Frame A385
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hqmh1It_G4ZXIPG8tSmTe63h3HKkM2PW47DByjFmt4H7F8qZlqtZCymCNCRy_N7J7S7b8bD6jgL-jSshukwlL2N0Q_CRJAqS5zhJnmPxIadjda6UeQQ-75r9HMzvMf0PuUh-FUW0Dkz_q0YAfk7F3DbTaltbeqV4ucS-qSaRHISs5dKzdvUp5h01A10yj4wJY77kr8L5GKs2nv3m2XWX31l0JaBAdYbI1CotVaFedWkIjxFUIElj9kRKCl4&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A385
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A385
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
img
pix.eu.criteo.net/img/ Frame CC5E
35 KB
36 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=476&m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2Fa1ebe3994b2141578e12fde9e1c2e868_d058dc76c97c4065961403892f419795_apollo_logo_1000x500-weiss_%281%29.png&v=3&w=482&s=kzwUabGX14-9_0CIAeqHQTMf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dfb8f3250f2f7011a111594d5e95451b57320e51c90737db903f00ffbb2c9caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36128
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame CC5E
37 KB
37 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2F9ba23d61df01487ba7a0a4d3cb6f3013_1200x628_valentinstag_banner-iwear.jpg&v=3&s=9yjdy3RVE2R8DY1K1n4cQjui
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6b522b7a7d628088bc48ca5eaba8271071b820fa816c16996ab47e6b6e69d28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37540
expires
Mon, 05 Feb 2024 12:02:02 GMT
all
csm.eu.criteo.net/ Frame CC5E
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-jo-WIt_G4ZXIPG8zVUTo7uhSPhxqenrrBoWqr6Gn7NzuSEvgOskN2Fs6GQCplUliEgyDNJJ4YUqA9i7nmMM92zA_28v83aNRSidWBkL5M128aRoO1CF6rNTaudjA8LvBzhUdg1UG98pT9U0iFVUA16FZST_HT3hT_L8pWDPRv4On4Ck-U0g7flcU3T74GvmvL0Sqc5qFC_q2hft0eTYC8dntHQTdspB4lW4-1thi-S2WviR_rU4DslNyfVxCbPwQkkDhw&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CC5E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CC5E
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Feb 2024 13:15:41 GMT
csi
csi.gstatic.com/ Frame 4681
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~leo9utfp&c=4329284641937&slotId=2164642320968.5&qqid=CKqenqOmuP0CFdxgFQgdr0gPSQ&fb=outstream-lima&sei=44714743%2C44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c02::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4681
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:08 GMT
x-content-type-options
nosniff
age
364173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 08:06:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4681
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 14:05:36 GMT
x-content-type-options
nosniff
age
429005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 14:05:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4681
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CD_H8fP79Y6rwH9zB1fAPr5G9yASntqHtbvLttpCWEZCUxazMBBABIKjuwX9glbqAgpgHoAH0mKucKcgBBakCZIzxggVsbD6oAwHIA5sEqgTmAU_QMHvPp-fUa-JO3jW3s7Yu8YbHqjIGize6Xz1_bbVhie33d_DnnM2eyr3xygMxWi5ksjJroCqGVm8E-Aeht57c2BQ5SEwtAqtn_3_P3upwlJ5AdLkh2c8JlutVFCJQF8uIQZblsXGWJtKT7yPTk79X6Q91SQcP_wlS1a2LuFZEt_I6B9-DHU4Gt_oOuMZ88cP4YIDX8Ej7ExIxXnVCWr84zIOMdlaHBmdbJGljKLkQ4FDGJ5XgsjcDR1yAsO04JOVeSUGNX07MhjtnNbonlrKbLM6D8s1Vn1AKsJMN3yq3n3wWvmsPwAS984jRkwTgBAOQBgGgBnaAB_TQ-_sDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPgypYSyBPW0OnhA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1677590141366&ai=CD_H8fP79Y6rwH9zB1fAPr5G9yASntqHtbvLttpCWEZCUxazMBBABIKjuwX9glbqAgpgHoAH0mKucKcgBBakCZIzxggVsbD6oAwHIA5sEqgTmAU_QMHvPp-fUa-JO3jW3s7Yu8YbHqjIGize6Xz1_bbVhie33d_DnnM2eyr3xygMxWi5ksjJroCqGVm8E-Aeht57c2BQ5SEwtAqtn_3_P3upwlJ5AdLkh2c8JlutVFCJQF8uIQZblsXGWJtKT7yPTk79X6Q91SQcP_wlS1a2LuFZEt_I6B9-DHU4Gt_oOuMZ88cP4YIDX8Ej7ExIxXnVCWr84zIOMdlaHBmdbJGljKLkQ4FDGJ5XgsjcDR1yAsO04JOVeSUGNX07MhjtnNbonlrKbLM6D8s1Vn1AKsJMN3yq3n3wWvmsPwAS984jRkwTgBAOQBgGgBnaAB_TQ-_sDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBPgypYSyBPW0OnhA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4681
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~leo9uth5&c=4329284641937&slotId=2164642320968.5&qqid=CKqenqOmuP0CFdxgFQgdr0gPSQ&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c02::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 4681
28 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AIGsLdEM4RhCKN4kVtOpQuZ9CnF0qskBXJHVNohqLWDY1A04hYJrftKyY1WvS1Ir5-D-rJ2ehvqzjtgHJxlR4nVb9igQ&cry=1&dbm_d=AKAmf-CQGCHoBjpfpSzJXR_lnvdeBI164CtnLQCAVY-OgPeSElUWrHwo4XJxDs38AD8vU-KpoRvJKL52jBrEfEvj7KGMFMKAEj5i9hIS6_LrqJvBK_p5o_sUEhYk5cHigqD-iZhbml2XEKsKiNhs5UtYJHwXhewybMe99Z-l9QDi4psnJQSAz7GtQB3O-qr3kfk_URT0UNTn7DxtQzSvj_GK4xtoKsK42XZLdqjgLgHW-qOEpYvsR-scfPhyM7pqwwFHb8qD3RDSzb0l4bSXMikdvPSndVguzRqTTstHvck445Vps1xAfssrA5off2xz0ctNhABLTCgTgBCMXGetrK18jlUG7jOb5qQ8WMQV0t8BPadGDMCAHKFe2AGj_nHah4u4HGrxs5ooXbLuMzn1gvYBLsoH0cyKEkktFVo9QN5ee_S8zXSrq-PT7n9gC4vCTJNVULCJuujEB19-UwkfC3q-dU1rCw_o343NMz0x8E56bToDKLOP81SqG5anZGHlLidi66kuzqut1b-DFjFnfce8XRExHe5blH78WYoPxL9WJQxqWuiPSKAmdRD8l6O6yCPUtNU2338eXIraaXJeULY6jnYPtqN-cwLuwe9IghzwpjIBQAUcSY6sDDpGw0RBHz5_FttXE9fDXNJ4JgASUKtPeulr6vHtSxR-c8aHO3_LYSb8TTU8VwQTlTn5ATQ1UEPSjy8fRbTDu-4CaRJusu6a5sC82CmUtWbw2lFOVQDC_C_2ahhalirGFUhKigP9e0RjJYT9zhRZ_37s6B_zxrSTtBJ1gthJersx2C17YRhCqNNLFnnZuMVRaZRWoDbsJXSEq3WDIZQ2mdPSY7sdk6-wIvzrKOTeZN570fkyIMYsn_D_eF5RiWZfLjPCE886C-_W-nlmVj1T_j25Gb5v9shBa1ZT3iUXy9dVyOkfuweA8EE8ESHtmByUmazrLxid4QXTD_9i72-p-aNM7TaF98KFRMpJm2tGW3DK9NqHkV2XOqJ5sj3CMudynouv50viule2oixPnY0E6b5l14sohU9QZNnUiHudsPoFTJLXX7G3Y3Ai2msf-4lQB9Tveugdc3pFilAyMIHFInJjvfXavsCDqfveQA-jWguCSAg6Mg57Pljg50AETeZ2AWnNvm-Blsx4icMgjBWzYHmBp7rbCfFjfEVIVmWl_Z-DK0LLzWzTchXe9RCH89mC72Wh3KsHmLvaf8LQyKEMW374RYXFIJTSXQm7BbRlzDRD6n72pZ7iQ2MdxxM0fkdLJwXM_r5VQTsQODOiiTmhckENFzP1y9lH1x2EcMrQ9MnH5hyHAf-iu0-U6UvtJdyljuNGXj4-ZmLW7snKPUTLh5hjX3yq8twLUat8XUh6geqZn9Y41VVZXDDSbNepFw9hgq9gXZLYNOP4NTtCWuVpTGGVtXr25i9lWdrp0vCrvoAxW7HsptgcMzzabEGcTeQRLisUIEJCMFQbvFuJw_95bpNOd6AIRg4IYcqNNNm5TVeAIPcqD6uU_PIA5bRVzjlJxlg7wbFL08v3ToFHJ1jnBPHAVM48xd1zBPsGkVV0y0vLH-vAaXMpnxfQA5dUciH7WA7zCzErguAiErYdMolN3ybRupdVaD535QddBRZkdOc0Uv8DXzIakmY4bexPFEdVI6T0oOYCcWxiQ5BU3iAkOChdHzLayMOGKdbtcAYbhxK1JK_4kgtvV_8UCScYjSBpCdE-Oe-GBpiKwiogmZc9gGRHQIkBwIW8oi5ivl_SDs7caymWlNs1tylgGYtGv4Y6uzaCcsceOCLKgsTA1kJ-PQBWdUo42F3CEKb5hewM2_vPQzAPuwzysVD8qMTWZLnuIjkJJl02ErQSQMygeLuSIu28HFWAinPwCmehIonBPQC3Kmbmm8sXSZfa2CfYnEl5aS4-4m7T9fHEwJALlBtVP6cS2e4-BKlsDxvCQvbBpb2oIR5dko-DXlT7uicdk1YGp5Y8_r9x2MGzLzhQyRvRnx47D-xSoaiPzuk-cEiV2wg3dwVx4eVhBvtxMbT-Za8NOsExenwSGoBVPmenRrNa2nkWI4Hpq3s7mfNDpH8_fNetvDhLEcs7nVoxPhUoRQOp5VN_iHeGW9LfT85IEdH_pqv6BFLcgE7Lo-1zKNlIEQboSdkyisvC1QomZPx7opU9v8gZwXJ7M6Y8ej0KCjL7r7NnScgqA-T1S7XXHVN7WkXFg63O75z070YxgWC6XozAG8gR9Ah5g87kb8q5qM3B0FiQaME6pMJ5WeZmSWVsZAIPaLpm6DtarK24bOYuvRrCQNAWI-ondU8Oxblv23auSxVQqSVyYzhCbAOCX6KO6G6ZQhPrkhk93ZEn6sgSIaM5zCwmujpUVK-gPEQT3t_390XcQFV0MxiyovxxxDJa32lX37cChA46dR6V5KRhvKo6sosW1IfbZZIm884szAeLkKEd2xymARVu_mgg_IpbTgzt7qfgRRCX7e4nXKXZPXdlDETppHRJ_2fx8u1w_m2FRI9u7bQm9MFpwdF9Aa_KdT4pDR3xK6eeNbm15HKrUVUYb2BQC0WTuLtlqBO7EXSsEwuKvpgpVeYsgCOaUtcc5OIUQV4NQUp08oe4dmLw9UIh5nPeRt8ximPGrxNwkLjQGmPsPvIjCXYqv_rpQsB6XaD0z81Mqpyb_DjsOxfZA3lTCxtCZW82GgZWuh6w3b4ylSChXJxGYOCSb9VMkZ28EAD6ZbFYWW2vRI7w2xATJMucekAROM0chsP_XI2W0DgU_bsGkVWGHEAqTwTHVtpzdCuZF4aGqykldvsm_-qCqCdM0Dbd1F0xUl-DsnablQalP-VfyzI8snxB7i2R0b2DNFIp_CoXDzAdrdwUcIJ7Q5OE_qxs05rcDapDv_89_BESaIOnVZBehfFYXKEoa022TPWADp2EmkxDAT9__ntl-Ey181McyeEOA0B461KUnyxh4O6Cz_8RcLqqFSSupETmomWpp_3SLB7FDjKsw46Tfm2yVJ2q9p6xlQU97pBIo6fpJXnzzsPHiYKH9iM2Gf11J8y2Ixvx1Dl0dxlkF96NLMOKMdNCvYMtUjBFskqmjSaoyNSrHHygJL6k7yntw6SqdtPfrY47Fk9Rd8jZ18nbS4JXPsOnuCO02Ty1tUxaRuWy_3XUV2XGExNjOKeNYStBOWlusA9L26wlAfAz8nvzIXs25dA53mio6Zhr2TGF7yXKEXUoxooYNi_0nO4dIah1gM5knbHd4QTi90gXFSb0mrBD6iwVl4PzCRO8XAY1d4Ik08C7W4ci029fYibzrZacQw&cid=CAQSGwDUE5ymul28dABD7BGnxi-FdurgcGQKDGkxthgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f157.1e100.net
Software
cafe /
Resource Hash
67cd2b1c1d8304a542db5c761e5f0477ee48901ca39fdda96ad03859394d8e1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15804
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4681
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
393169efa07a3fe9db12ffbeec66e785b844eeabfce773e02f4db4f1e100abeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
img
pix.eu.criteo.net/img/ Frame C22B
35 KB
36 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=476&m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2Fa1ebe3994b2141578e12fde9e1c2e868_d058dc76c97c4065961403892f419795_apollo_logo_1000x500-weiss_%281%29.png&v=3&w=482&s=kzwUabGX14-9_0CIAeqHQTMf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dfb8f3250f2f7011a111594d5e95451b57320e51c90737db903f00ffbb2c9caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36128
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame C22B
37 KB
37 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2F9ba23d61df01487ba7a0a4d3cb6f3013_1200x628_valentinstag_banner-iwear.jpg&v=3&s=9yjdy3RVE2R8DY1K1n4cQjui
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6b522b7a7d628088bc48ca5eaba8271071b820fa816c16996ab47e6b6e69d28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37540
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame A385
35 KB
36 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=476&m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2Fa1ebe3994b2141578e12fde9e1c2e868_d058dc76c97c4065961403892f419795_apollo_logo_1000x500-weiss_%281%29.png&v=3&w=482&s=kzwUabGX14-9_0CIAeqHQTMf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dfb8f3250f2f7011a111594d5e95451b57320e51c90737db903f00ffbb2c9caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36128
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame A385
37 KB
37 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2F9ba23d61df01487ba7a0a4d3cb6f3013_1200x628_valentinstag_banner-iwear.jpg&v=3&s=9yjdy3RVE2R8DY1K1n4cQjui
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6b522b7a7d628088bc48ca5eaba8271071b820fa816c16996ab47e6b6e69d28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37540
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame CC5E
35 KB
36 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=476&m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2Fa1ebe3994b2141578e12fde9e1c2e868_d058dc76c97c4065961403892f419795_apollo_logo_1000x500-weiss_%281%29.png&v=3&w=482&s=kzwUabGX14-9_0CIAeqHQTMf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
dfb8f3250f2f7011a111594d5e95451b57320e51c90737db903f00ffbb2c9caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36128
expires
Mon, 05 Feb 2024 12:02:02 GMT
img
pix.eu.criteo.net/img/ Frame CC5E
37 KB
37 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=56565&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F56565%2F230210%2F9ba23d61df01487ba7a0a4d3cb6f3013_1200x628_valentinstag_banner-iwear.jpg&v=3&s=9yjdy3RVE2R8DY1K1n4cQjui
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6b522b7a7d628088bc48ca5eaba8271071b820fa816c16996ab47e6b6e69d28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29544381
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
37540
expires
Mon, 05 Feb 2024 12:02:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4681
0
18 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cce2DfP79Y6rwH9zB1fAPr5G9yASntqHtbvLttpCWEZCUxazMBBABIKjuwX9glbqAgpgHoAH0mKucKcgBBakCZIzxggVsbD6oAwGqBOMBT9Awe8-n59Rr4k7eNbezti7xhseqMgaLN7pfPX9ttWGJ7fd38OeczZ7KvfHKAzFaLmSyMmugKoZWbwT4B6G3ntzYFDlITC0Cq2f_f8_e6nCUnkB0uSHZzwmW61UUIlAXy4hBluWxcZYm0pPvI9OTv1fpD3VJBw__CVLVrYu4VkS38joH34MdTga3-g64xnzxw_hggNfwSPsTEjFedUJavzjM2420Y41c2Gu266KC28NKT0Gn8GQyWOSaM2dFoxsuM1dgWXD61qkCmf8flD9hc15DKXxq53mH0P4C8d6A12NxM9vABL3ziNGTBOAEA4gFgLeqmkmSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB_TQ-_sDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwkQq24Y3cvH3wHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbAT4MqWEsgT1tDp4QPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNTQ1MTMzNjQ4NzkzNDM2NhgA6BcF&sigh=FC4-EMprGfc&uach_m=[UACH]&cid=CAQSGwDUE5ymul28dABD7BGnxi-FdurgcGQKDGkxthgB&vt=10&cbvp=2&vis=1
Requested by
Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Feb 2023 13:15:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
process
share.pluso.ru/
0
0

process
share.pluso.ru/
0
0

hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 13:15:41 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sun, 27 Feb 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Feb 2023 13:15:41 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 27 Feb 2022 21:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230223&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f56de356e2d7c66634c06f73bd3e233874bce88b4d11d363308f2b4094a53ab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11353
x-xss-protection
0
06.png
share.pluso.ru/img/pluso-like/square/medium/
0
0

plus.png
share.pluso.ru/img/
0
0

csi
csi.gstatic.com/ Frame 4681
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~leo9uthm&c=4329284641937&slotId=2164642320968.5&qqid=CKqenqOmuP0CFdxgFQgdr0gPSQ&fb=outstream-lima&vast_v=2.0&vmfc=8&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c02::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 4681
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 04:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Feb 2024 04:18:25 GMT
file.mp4
r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4681
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13E50141EB0357037436C611723767F410760C54.5F53ABCD2977D60F24C99C70559789823872E2E8/key/cms1/cms_redirect/yes/mh/o0/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edndy/ms/onc/mt/1677589583/mv/u/mvi/1/pl/29/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:25::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 13:15:41 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
8090805
Last-Modified
Thu, 26 Jan 2023 12:57:57 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 28 Feb 2023 13:15:41 GMT

Redirect headers

date
Tue, 28 Feb 2023 13:15:41 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
654
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13E50141EB0357037436C611723767F410760C54.5F53ABCD2977D60F24C99C70559789823872E2E8/key/cms1/cms_redirect/yes/mh/o0/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edndy/ms/onc/mt/1677589583/mv/u/mvi/1/pl/29/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
kb.js
kitbit.net/
0
0

H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 97E5
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
438826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:21:55 GMT
expires
Fri, 23 Feb 2024 11:21:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
pagead2.googlesyndication.com/bg/ Frame 97E5
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14306
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 12:10:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Feb 2023 13:15:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCFC
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1687
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 12:47:34 GMT
expires
Wed, 28 Feb 2024 12:47:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BE75
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
156b44de48beefab8d1f055b7dbf7f85395cfa27827b1813411df6caa2aa4cfc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xHL2aL_-OQkNd_vwbb_ObA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-xHL2aL_-OQkNd_vwbb_ObA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Feb 2023 13:15:41 GMT
expires
Tue, 28 Feb 2023 13:15:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame BE75
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230223&jk=1281987990408366&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame CCFC
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:58:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
105443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14401
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 07:58:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97E5
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BePCZff79Y5iYJueKmLAPqZOdsAEAAAAAOAHgBAI&bg=!ICOlI3fNAAZYlHKzeJQ7ADkAdvg8WmEHtqAVdoa1oTNV2x0Pg_67ucTq66Gi1dv7JJY8okjLdInV25PfReprzPQQyVFIGfBMnroCAAAAglIAAAACaAEHmQLAzs8e9oQuAUjWGAE_PBGeV4gabq50TbpzFadfUF8UDDuLdgMcYIcyrCdhJaIPhD3dheaBIprjNfkWMGld-D7q5GUe_dCsP7EbWgbiO-GoHCDtAH8NhmUbdUeoNAWdr3VC3PTQewRJkffXOXKay_h8ZK2iCEj9giyzO3sLnD4Q9zrDiwfMaRwYZamoo5xrC_55kFIEllPtkxK5XdBFzPmg6lQ1CIcmHfy26sodADIVwprmtNHetQ-gOZopJoFCTC1aEExyPTkmNJqOAYHPzxOFHfJ77a7swcw5pgn6mAcBd55i-UFHTlPIbQcMi5ePbCYW9cwUVcRwsSDEdFDbbtsP6lORHtXK4h7f2jEsRb7ACrRugxSVKLGRWUr9U52vBiso7E7riPTqfpbL9v7BEJRGWt4q7he1f2MeaMpEkEtn_p4QeW500Vh_D_81aEOTbWP7rfx0OysxDiFVq7G_jOu1cXB7n7jbQrbM3V2Y-DOjFpLCEGL37mfeTwmDlxcOyhR1ezPzZlIuV5W5FXDMtsAzgmAhZqhH9BvxCSwXt7S6lpCcvVAbJnnqoDReaMAEN0iuGWTp8YcmDi6qhEXTjNvaSCgJQUiiI8Gnx6azA-9OB31BDtwv-yavHiDbDrlKmyVu6izXStT9v8p9FUs3m7-76nVu_5s_-EfIQ3356ezyIlYTMyHwY_7i1sb9w_Xmn-5TvQZxgatn4Dq553ETXMgdsAKB9srks2yxeFiM9rvYomyrfMqJXuiezZaoRtM6zQ8YBFr1Lu8MPsUCgWq65Sc2cgt_PLkCJXON09hO5FOZ3PRH1JeXCgibRbgTCNogykoJ_oFddQ8QXxGMinzBL7DsjJqWSsqhO0CIdY0R_9jImlidKSkRDRpYbH1n6fN61N256jI59n0Oi6X87axbeQhmnr_HR1lycBRyHDoMoiVXmCo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4681
167 KB
0
Media
General
Full URL
https://r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13E50141EB0357037436C611723767F410760C54.5F53ABCD2977D60F24C99C70559789823872E2E8/key/cms1/cms_redirect/yes/mh/o0/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edndy/ms/onc/mt/1677589583/mv/u/mvi/1/pl/29/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:25::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 28 Feb 2023 13:15:41 GMT
date
Tue, 28 Feb 2023 13:15:41 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-8090804/8090805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
8090805
last-modified
Thu, 26 Jan 2023 12:57:57 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
generate_204
tpc.googlesyndication.com/ Frame CCFC
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?nzFCjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 13:15:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230223&jk=1281987990408366&bg=!_P-l_6vNAAZYlHKzeJQ7ADkAdvg8Wvgi0Px2D8JvDSuXJ5j5u737-HfEudY1wkl_rg5B2fUG5LRqy6NmvS-TDQN36k9mzCR04FwCAAAAd1IAAAADaAEHmQKfiy7XHS8KOdW2nz-dLQsGlkKYSDi64LiN5FDutc8inXZ3GemZLOPOg355zO7xpAxCWGwFni_mPVAEYFJnR1dsCcAlxT27u3ThR3VaUkns9W9JQ5MDFC_A4v8em4eoq2dORoH65lLvlkcdss9bPsWndfuEXpZ07SN2rjaqZOgbc64wooQ5hGMSLFHPSQPJrmxu0uDPF2PbVk-RfUR5WniUyJ-QjfuMM4CmJ2EBJuNcIo34LnC31_TRFX5MmyoPQ7LkVCdXHDIClm7ts96QsyW1zbsvmaZvIBnWBsLu2sKQNREiPzKz212y2jle6aWZxTELXnFsbalMaV5-jAwtLyiUrbgM_OL38fTxnx5Q3OlXb92lZRojUyC4jVj70rKTvWMSMhqOgIVby372LOn-zSTeDRwzoND6M7Qaj8OD1g5168TfT342pC6peIwPNO1p2oGopGnICRiPuvOOl1dkNCgscjJFrKHFoDFP1R4pqP046CxEWoCWG1TpcfPVwWCzCjxFl4qDLySkzf4WjVY1-tFNDSOhaHRc6H9dJoe6x42yEs-ZRTqYuBRFal4nMv-pHIoq28S9MG14eUjI0w05ZsaNDhPTex-tRMFEjb4sp6M6Pkx1j9p_0q4lsQyrkO5RLabR_-oGNsnWEEJIHTnmb988D9jr-TFCZducqhWwO1jKzZYGAqgY0l8f3nF4zlDUbysfkr3v-IATxS3lviTm1M-jQk9_r1UeS16Pr8tcW8RAwhO53EfwgSqtc-MbMEmAEvLmCTVeb-Q9ddGrFP7Qer4lMFuTjYqFwk67mmV7TrnIFChNmp0FI2nX1z8LyxFEomSHXktn4glGHd2d-GZiEEI8kPtdQ1fMggHz6YpyqbC-k2-zR3xGqNcsWO_CUVCeiGI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame 4681
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~leo9utpq&c=4329284641937&slotId=2164642320968.5&qqid=CKqenqOmuP0CFdxgFQgdr0gPSQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=956&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4010:c02::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 13:15:42 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame C22B
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=GZsyuYt_G4ZXIPG8Vzxb4c_yXFHXJMmSiEg_3OyML_5kXjlmgy5Wv6HzlegUSEBn_6oJg_KOCaDVbhBT1oHqHTfu-CPDsCcE1HMDbHokWahjKigN_M9t4wGqIusW-mIzVACl0gHtcmRnZGXdRaJE5bgToCX53ZGwj107PhcELRR998tCFVGNZIn05_5-ZyJ3jl61cpVbU99cBP9-3Hy7yyExWwCcb0ipdCgktCp2odJTyyuQmCWvomS8s3c&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 13:15:42 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame C22B
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=GZsyuYt_G4ZXIPG8Vzxb4c_yXFHXJMmSiEg_3OyML_5kXjlmgy5Wv6HzlegUSEBn_6oJg_KOCaDVbhBT1oHqHTfu-CPDsCcE1HMDbHokWahjKigN_M9t4wGqIusW-mIzVACl0gHtcmRnZGXdRaJE5bgToCX53ZGwj107PhcELRR998tCFVGNZIn05_5-ZyJ3jl61cpVbU99cBP9-3Hy7yyExWwCcb0ipdCgktCp2odJTyyuQmCWvomS8s3c&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 13:15:47 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame A385
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hqmh1It_G4ZXIPG8tSmTe63h3HKkM2PW47DByjFmt4H7F8qZlqtZCymCNCRy_N7J7S7b8bD6jgL-jSshukwlL2N0Q_CRJAqS5zhJnmPxIadjda6UeQQ-75r9HMzvMf0PuUh-FUW0Dkz_q0YAfk7F3DbTaltbeqV4ucS-qSaRHISs5dKzdvUp5h01A10yj4wJY77kr8L5GKs2nv3m2XWX31l0JaBAdYbI1CotVaFedWkIjxFUIElj9kRKCl4&sds=2&rev=84953&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Feb 2023 13:15:47 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sci-hub.shop
URL
https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=JsAn5MS5dPkmiI1C&first=1
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=IskV1XZigUguIvcV
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/pluso-like/square/medium/06.png
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/plus.png
Domain
kitbit.net
URL
https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go object| adsbygoogle number| ifpluso object| pluso object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| googletag object| k string| pt object| s object| GoogleGcLKhOms

26 Cookies

Domain/Path Name / Value
.sci-hub.ee/ Name: __gads
Value: ID=4b81ca31c7a681ec-227472f52fdd00d5:T=1677590140:RT=1677590140:S=ALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ
.sci-hub.ee/ Name: __gpi
Value: UID=00000bbd2ee3f397:T=1677590140:RT=1677590140:S=ALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q
.doubleclick.net/ Name: IDE
Value: AHWqTUnFSaBTQIbatXuAP-KTXIevYpff3XDrE5sKz8ndxHXfLm2sNNxUh4d-Q1LIgZg
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EAMBCQGzKIEA
.quantserve.com/ Name: mc
Value: 63fdfe7d-11fb5-f219b-521d6
.yahoo.com/ Name: A3
Value: d=AQABBH3-_WMCEKMSYibmk3D-mJ9i1nbeBPgFEgEBAQFP_2MHZAAAAAAA_eMAAA&S=AQAAAqomUC7UCqhPf4RimKc7fl0
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3eed61f0-9e3e-4ecb-8299-14bcdfb741b2-003%22%7D
.casalemedia.com/ Name: CMID
Value: Y-3.fXKg8lNWE4tw2KwOkwAA
.casalemedia.com/ Name: CMPS
Value: 2162
.casalemedia.com/ Name: CMPRO
Value: 2162
.adform.net/ Name: uid
Value: 4234959423832040675
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D64C1E30-B37D-45AD-AEF7-88FF758387D0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3eed61f0-9e3e-4ecb-8299-14bcdfb741b2-003%22%7D
.innovid.com/ Name: uuid
Value: 886fd7de-e793-4eb2-b330-420253a3db3d-20230228 08:15:41
.adfarm1.adition.com/ Name: UserID1
Value: 7205194791698299034
.bidswitch.net/ Name: tuuid
Value: cac45f07-038e-41f4-8b60-1c97f511101d
.bidswitch.net/ Name: c
Value: 1677590141
.bidswitch.net/ Name: tuuid_lu
Value: 1677590141
.360yield.com/ Name: tuuid
Value: 9aa803cd-ddf5-487a-b8f7-6cdd55f52948
.360yield.com/ Name: tuuid_lu
Value: 1677590141
.bidswitch.net/ Name: google_push
Value: Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg
.tribalfusion.com/ Name: ANON_ID
Value: ainseFt3er66AxvPAB90eMr4YMJl2Zb7ibKBcVgZcrx5a1fWXwOeqU7AvuCcZaYZc9DYl7YAsJNQkY1bvPmieWls
.yadro.ru/ Name: FTID
Value: 1Z_Vvz3ij3eV1Z_Vvz003LCc
.yadro.ru/ Name: VID
Value: 1dQyDB23JpuV1Z_Vvz003LDg

4 Console Messages

Source Level URL
Text
javascript error URL: https://sci-hub.ee/
Message:
Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.ee' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx-NoYql6lcVBzjRn9G5_dEUZR5w0iY0pJtGg4pW_5VVPeD5YJ-GRcZbKC5l1tPo7zY-OEJxoRiAYl-yi9XFPb9id46u6SZP&google_gid=CAESENkeWZqmFeBkN5fceM5ktGA&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
bid.g.doubleclick.net
c1.adform.net
cat.fr.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
csi.gstatic.com
csm.eu.criteo.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
img.sci-hub.shop
kitbit.net
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r1---sn-4g5edndy.c.2mdn.net
rtb.fr.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.tribalfusion.com
sci-hub.ee
share.pluso.ru
ssum-sec.casalemedia.com
static.criteo.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
x.bidswitch.net
img.sci-hub.shop
kitbit.net
share.pluso.ru
172.217.18.2
178.250.0.160
185.80.39.216
198.47.127.19
213.19.147.45
2606:4700:3032::6815:a85
2606:4700:3033::ac43:a162
2606:4700::6812:19ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:25::6
2a00:1450:4001:802::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400d:803::200a
2a00:1450:4010:c02::5e
2a02:2638:3::9
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::b
2a02:2638::c
2a02:fa8:8806:13::1400
2a05:d018:d29:3605:3a35:c032:6d7e:7081
2a05:d01c:1d8:8102:80ae:1ebc:7401:1031
3.127.31.230
3.33.220.150
35.227.252.103
35.244.174.68
37.157.6.245
51.38.120.206
63.32.244.117
64.233.184.157
69.173.144.165
85.114.159.118
88.212.202.52
98.98.134.242
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a9af4aa5b71b6c5c2902f37cd661bf3b3c3f99bfc628e1f275721bf389b6235
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
156b44de48beefab8d1f055b7dbf7f85395cfa27827b1813411df6caa2aa4cfc
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37c3e09f74a18df5356939a9fe79294ece2fa111711e6f4b565fb2bcb1f00de2
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
393169efa07a3fe9db12ffbeec66e785b844eeabfce773e02f4db4f1e100abeb
3d556eccf38e1ad4e2040e7c4be64a72a166d344b1ed51f132046f237951b331
4233fdce81ee4f6a870a666984670d6139c6293203c8f8ffaed1a6edfc8098aa
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
475d9f9239506ff551d4b2eb82200be31fd2b7b50416bb58cba715ec0043277c
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
591e3eb39b18c9b5a89a3b1abc73d76b738ccfe6fbf9aa987a44f17f98a751c4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67cd2b1c1d8304a542db5c761e5f0477ee48901ca39fdda96ad03859394d8e1a
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a361f91395f1de8036b86f4b31d34814cc4f7c2109cb2f9192a0fb26eb4dfd4
6b522b7a7d628088bc48ca5eaba8271071b820fa816c16996ab47e6b6e69d28d
6da5fe27003264096969c620fa2b398b8a33ec33f5f1f848098f53027c8692d5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
760f0378a60ceb9aaf46bb32b3f971187cb7f7c15e7f6c16a45e3015a4f5f1c2
7d169c9f71196ce767a338dbc4306f2142c880ecfb3be8a50d68f205a2844be3
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
81a140499570e360cb09d601f7eb7da3a865abae6516013f7b0f7777dce9591a
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8c86f9e13582b1dd6eacabb3ab6f7c75a8403cc9dd0eef69c0a7a7e28bc146c7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab648d9a24739ec1925514c55be50352eb98446017057d094bb1dfe5f9079af
9c128b791b2088905685740ca5d3a2042d8e92f80a4c18c3ba3f24ba26065c15
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac916e2d317e4ff09b704a61c5664fc166e74179491d60cc17d95f482afc2a1b
b159fa8e90945bc80cd1c0757eef0c2ff67540dda47318beff5be8b70df10642
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
dfb8f3250f2f7011a111594d5e95451b57320e51c90737db903f00ffbb2c9caf
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e73b62d76def10576a592ea3a79436973c1cc13c0e64536609c1e0ca816dcd45
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f56de356e2d7c66634c06f73bd3e233874bce88b4d11d363308f2b4094a53ab5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28