sci-hub.ee
2606:4700:3032::6815:a85 Malicious Activity!

Go To Rescan
Add Verdict Report

URL:
https://sci-hub.ee/
Submission Tags: falconsandbox
Submission: On February 28 via api (February 28th 2023, 1:15:38 pm UTC) from US — Scanned from DE

Summary HTTP 164 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 11 countries across 35 domains to perform 164 HTTP transactions. The main IP is 2606:4700:3032::6815:a85, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.ee.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2022. Valid for: a year.

This is the only time sci-hub.ee was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::6815:a85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:3a35:c032:6d7e:7081	16509 (AMAZON-02) (AMAZON-02)
1 16	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 3	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 3	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:80ae:1ebc:7401:1031	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
21	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.127.31.230 3.127.31.230	16509 (AMAZON-02) (AMAZON-02)
2 2	63.32.244.117 63.32.244.117	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4010:c02::5e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:25::6	15169 (GOOGLE) (GOOGLE)
164	34

1 2606:4700:3032::6815:a85 (United States)

ASN13335 (CLOUDFLARENET, US)

sci-hub.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:3a35:c032:6d7e:7081 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.245 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Castricum, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.120.206 (Hessen, Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:80ae:1ebc:7401:1031 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.31.230 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-31-230.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.244.117 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-244-117.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4010:c02::5e (Finland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:25::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5edndy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	criteo.net static.criteo.net — Cisco Umbrella Rank: 625 pix.eu.criteo.net — Cisco Umbrella Rank: 7936 csm.eu.criteo.net — Cisco Umbrella Rank: 8487	473 KB
28	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 bid.g.doubleclick.net — Cisco Umbrella Rank: 703	83 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	292 KB
21	sci-hub.shop img.sci-hub.shop — Cisco Umbrella Rank: 351743	584 KB
9	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15753 ads.eu.criteo.com — Cisco Umbrella Rank: 8414 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13386 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9640	127 KB
6	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1090 r1---sn-4g5edndy.c.2mdn.net — Cisco Umbrella Rank: 674548	951 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 442	133 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 712	827 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 590	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	145 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9857	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292	794 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 510	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8947	696 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398	587 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 596	191 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1794	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	457 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1367	350 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 614	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 654	464 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 957	573 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	600 B
1	sci-hub.ee sci-hub.ee	7 KB
0	kitbit.net Failed kitbit.net Failed
0	pluso.ru Failed share.pluso.ru Failed
164	35

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
21	img.sci-hub.shop	sci-hub.ee
16	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	sci-hub.ee pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
12	pix.eu.criteo.net	ads.eu.criteo.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sci-hub.ee
6	csm.eu.criteo.net	ads.eu.criteo.com
4	csi.gstatic.com	imasdk.googleapis.com
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	onetag-sys.com	2 redirects googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	r1---sn-4g5edndy.c.2mdn.net
2	counter.yadro.ru	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	match.360yield.com	2 redirects
2	x.bidswitch.net	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	sync.1rx.io	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	dsp.adfarm1.adition.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hub.ee
0	kitbit.net Failed	img.sci-hub.shop
0	share.pluso.ru Failed	img.sci-hub.shop
164	48

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sci-hub.ee Cloudflare Inc ECC CA-3	`2022-10-22` - `2023-10-22`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-07` - `2023-04-18`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://sci-hub.ee/
Frame ID: FAB8F375E9C5F2E85C2AC28050996699
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html
Frame ID: D112ABEF470E0B9A5B2509B8AC2B8932
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232
Frame ID: 4681D1D41EE39DD35B920DB103652E0A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&adk=1812271804&adf=3025194257&lmt=1677590140&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.ee%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140271&bpp=2&bdt=442&idt=241&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=528x280&nras=1&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=259
Frame ID: CB486AFAD5AD8FF58C19059D61B277DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9
Frame ID: 67EB4450138706DA6B400B712A2750AA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Frame ID: 5BE25E1D04213FE0624CE6F258A37BB0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.3357258965~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=IW3VLjrhcV&p=https%3A//sci-hub.ee&dtd=17
Frame ID: 6817BE7943E7B56FC6DB372D945F3FF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Frame ID: 7F7D1B4D1ACDF9D175DC6C74165C9525
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D
Frame ID: A38573B4047411C14654707B5F7D2D24
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C11761B6F40C194063FC69159911FED3
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D
Frame ID: C22B188D556A68A45E10320DC25D7C3A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 450CA3B2CEBB784B95C1ABFE4EEE43D3
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKf44IFUvCAAeBsGJIU7n9GniGWZxK8g&u=%7CcTrZdsaM2Mp22Y8wWZa07oUwSbOPgDgr9smzzjXBPqQ%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwLeZ1TE-uoBE0_pBqD-wy8EzDt87KRqop8duG4ornsKzjKKnKu2tMlGLkXk-wbKY_fED3lwAjzGHiotstJXLbbWmBzzjSfQ0iGt9AID_jcTjYYTpZhovvOuYUF3qMpAp49S4LqfNJvoNezFjoMWO_CzsQM1fje2mteXX1JAFIJk3ANiz5vKW35DGdsGQT-64svGNgEv54jZyuXDX4p5ZNo1xxF9S8kJykpNPxiT9MlksGm3U7MuvC6kRAa8v1fGWT3wXHmhXxl59cxVMhTWWmiycvuNROO7SpOGm6ZFdOTolGVUWDJO103hxcuqT7SLRmYscp504U3LLmwPTN9m7yY1xp1DiPMozP8q4IcW45cvIK4j7SUcLkkMH7kGBbSRYYd9xy-TEFjKJiTT5dZB7oTJkF0-PmoP71JJXnBKk-wgsgztPH-EU2z7U0QOaBToEoPlBegiPIxZOtc0NJg-5qw5hs5bW2xprZdtwWNKQygprr5QumdSlc2dIaK4KQXZlEtGAQPxtvgGrk9QUfS17bQCuEtqg84yfk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHZWSfP79Y47_KcKX1fAPsIOeoALJntKxXL3xlPdwwI23ARABIABglbqAgpgHggEXY2EtcHViLTU0NTEzMzY0ODc5MzQzNjbIAQmpAkYG12_jyLE-qAMBqgS4AU_Q4cvOtKAsuwbe7HIz5X_ujfthI-7g5SCinvcUIl676nERQmE0byry7tOLWk5Y23zSsrnRuGO9eDI56IFTGuDHz0t0Sp18ihhQmX2JPBWwin18m4IErcDDRafzTmmovYGR9uJc29r833140hYnH74DTHNdh1jJz7M81qLMW-JhAJjgNJ_3x4PM2ZnMOC3Q1-n5KLbeN0jsf48jOCPKXf374H0Q7t64G4syplKiHxVh65R1IIYjhoOABsGk_Mzs0Y6PwwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2j33eqyuR65zbgO0jkHnPc1Q3sJg%26client%3Dca-pub-5451336487934366%26adurl%3D
Frame ID: CC5E7BE230FEF031792328630F5F4C92
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B76FF34D57DF4C236452A6DF3945F0FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 97E51653CC19BD0BD0F9FF92F8BCCAEB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCFC9103C6603AB5E2C824DA6BD6A4A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE7573F789538781BC580A259E059347
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

164
Requests

87 %
HTTPS

60 %
IPv6

35
Domains

48
Subdomains

34
IPs

11
Countries

1881 kB
Transfer

3855 kB
Size

26
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 58

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH27xe2yRltccDZ_M-IL-8E&google_cver=1&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B

Request Chain 59

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEApryoqn5sDLoy3DXUA-byo&google_cver=1&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEApryoqn5sDLoy3DXUA-byo&google_cver=1&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx-mLlBWAJMwWQNt2UEs6FqKnJP7AMUl6aQm3nW42REaqHQ0fTEb1IyDNOLKi6FCaAm7EZOpFp5sxtazOwCnIewmJtRknmI

Request Chain 60

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELJQd9_T-xkvSONh7-yOcA4&google_cver=1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1677590141033 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3eed61f0-9e3e-4ecb-8299-14bcdfb741b2-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE%26google_hm%3DAz7tYfCePk7LgpkUvN-3QbI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8UT9ZIbMx4xeN6PsYKdLBmFnbcNYUuxGx5b2aBovAiqYRcM95SuFp2jZoTSrVHMdrA3zfRu8envZs7lB0n0tp8f_um6dE&google_hm=Az7tYfCePk7LgpkUvN-3QbI

Request Chain 61

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEwAZ5s_Qith5EZD24QkOKo&google_cver=1&google_push=Aa02lx-ixSB1bmN-p1efO6bFrcWXV0lEKCsdBcefIrk46eNq76UeVo2oCQjXRspELaGDksRyesEtboS0ZQ7Sjic2LLtovBnkaIpWpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-ixSB1bmN-p1efO6bFrcWXV0lEKCsdBcefIrk46eNq76UeVo2oCQjXRspELaGDksRyesEtboS0ZQ7Sjic2LLtovBnkaIpWpw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 66

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEr1y5mj89j0gjhED0iG5IE&google_cver=1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEr1y5mj89j0gjhED0iG5IE&google_cver=1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1kweMLN9Ra2u94j_dYOH0A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_cafL4A-R8ZaTGWspwtmUuM_zXKKCIxzcIQqoiH-jFPPumD-IJ-5sgGVqPz3-ZJ4Wf8u6i7RfO8PkNtKFMBmiEo-QtMm6O

Request Chain 67

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKdAinT73DScC6t5jnCOJuU&google_cver=1&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z5JV-Yvf92DPokzWiaCufhuDim HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVPOVVUQUQtQy1EMlAw&google_push=Aa02lx-QGqt0HXDVwU_I3cv2XZDJs83a4v7yTPO_CymaKS-hxjTsIt3YTtBMTd6JmuSF1N6hU2z5JV-Yvf92DPokzWiaCufhuDim

Request Chain 68

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_cver=1&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBvwwrkkqcmd9CuhWc2JZIg&google_hm=Y_3-fXKg8lNWE4tw2KwOkwAACHIAAAAB&google_nid=index&google_push=Aa02lx8VLeycyZqe5yZ7wDXEw6kUg3B6YT-yLW1cyHtmpMbo-XZNp5sW3ZYUreAFyCBpZFzzAdegrsYjWmPeOjCYL2GAYHPBJf34

Request Chain 110

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEF8HcCTlVoz-D_BzB_OKBqY&google_cver=1&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-MhF-OKs7DED2DL7MC4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNTE5NDc5MTY5ODI5OTAzNA%3D%3D&google_push=Aa02lx8ALNQvuCeJq4Mo7BOXpb9CPQrgZczHkc8J0-6sMY3Oez5ViVL8MFLwXpqT2rs58a9wXt-GOxOaY4wY-MhF-OKs7DED2DL7MC4

Request Chain 111

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELej5rWGkYscRN5ObETjm_U&google_cver=1&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELej5rWGkYscRN5ObETjm_U&google_cver=1&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg&google_hm=ysRfBwOOQfSLYByX9REQHQ==

Request Chain 112

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAJys-oGhVhQkjwDRjqtWVo&google_cver=1&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU53D9e7xw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-SkDOlN4ElZRN2XJKXeAvCDuDu7IQAdIqmihxPM1whL9w6N1qVr4vxFmpZUW3hv6_Xe5Y4xDW5-MhccAvRToKACmU53D9e7xw&google_hm=eS1VMXg4bDNsRTJwRnhqNjJZY2tzbFg0UDl4TFdHaml6aH5B

Request Chain 113

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJGhcjK5x5u1CQ-LkdDHJ0I&google_cver=1&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1JLajqOXckQsRna4EKxNoWhYQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDIzNDk1OTQyMzgzMjA0MDY3NQ&google_push=Aa02lx_CYkbicRzAQqX4PUPOvPA3GGhqEu_nSlwwVBhnK8Kl2_6oysUte4oTr9zXVmZCAtkwpGsdv1JLajqOXckQsRna4EKxNoWhYQ

Request Chain 114

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPQdZSR8AZjoHrxtwaTx8UQ&google_cver=1&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIcNFsO8vPrp6U-B-Znv0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8tzonhGQMIPZ1gqtCSJfD8xAtNHx1LlTiCuR5pd-NuM5PQdFM3wqdhyOtucKpvZZzfkc13ZJHBRJIcNFsO8vPrp6U-B-Znv0M

Request Chain 115

https://match.360yield.com/match/ebda?google_gid=CAESEO1fyBEvnb5wyyOGTbHMu_o&google_cver=1&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO1fyBEvnb5wyyOGTbHMu_o&google_cver=1&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mqgDzd31SHq492zdVfUpSA&google_push=Aa02lx9WtVjS3MneKdUkKMPjCCNckYHciIiBQwi_AzXd1EDX1gO3L8nyu8-48r8uQ_XWxIPNLizPpsZ-qHUmM7lLqNdp0Pm0cqvVJRY

Request Chain 144

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1

Request Chain 150

https://gcdn.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/65D67AA869028178B3D9DC96ADBFFDDFE0727791.3184E4810BA62D8784EA6E970A82C3847656634C/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13E50141EB0357037436C611723767F410760C54.5F53ABCD2977D60F24C99C70559789823872E2E8/key/cms1/cms_redirect/yes/mh/o0/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edndy/ms/onc/mt/1677589583/mv/u/mvi/1/pl/29/file/file.mp4

164 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sci-hub.ee/ 27 KB
7 KB 775ms
501ms Document
text/html 2606:4700:3032::6815:a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hub.ee/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b159fa8e90945bc80cd1c0757eef0c2ff67540dda47318beff5be8b70df10642

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=43200 no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a096e22cee3914c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 28 Feb 2023 13:15:39 GMT
expires: Wed, 01 Mar 2023 01:15:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DnLYeNeWsbgewm681fQKK0%2Fi8HrDOCj1VxhOQwwBoVT%2FibaGetQ6qz8bvm1Y6nWobtXDikNW6Y0uleC%2FNWgkHnETG53f00ihZ3qvvETiBWZUNsBvtG0jKhBBuZILWklfVlKnA6erhQK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-cache: MISS MISS

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 103ms
32ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 454746
etag: W/"5c00bb7c-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPR%2F3MC0vvrPZvFew8ggbhcERQT3lvBcZGwGaucArHgMlHni0quQXVAi43D9ThyZHIDyVxTn6zTVZEpaiQei6iYjWdnafw79iZkadiiUylEEv1e99L9ez7ZXImXnVrES0dJZRKh%2BlpHSWLceHL7W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a096e26694d368c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 18:56:33 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 124ms
54ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 454746
etag: W/"5c13665c-3dee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fq6kQKQuVDZ%2Fm7EGWWJ4Eihgccyjhfz1vL8SheQCSEdceZiivfR3bDBDXvkP99YNjbIGG7KJnx2b7CML2nZDVnAbS8nD2nVT5wLGX1d1oLHCEL1yxaubQ35NNxVKRgk2SQAcwsEbAmbQYFqGV1Yl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a096e266950368c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 18:56:33 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
23 KB 110ms
41ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 454746
etag: W/"5c00bb8c-1798d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Fpn%2FgovBUReG8BjZhwr1r%2BjtjJ9SS3TRTjAaAzA%2FjhFsmRosDaxL503o3wvZkY5RJRbHLjMT3PMVo%2BxrTBH6NQfqWkj4qxI86wCCcXeIYPgxhNeiqvVlPgt6JwiU%2B92Lw3ZRz5U%2BdL4TeZC0c2q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a096e267953368c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 18:56:33 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 29ms
25ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454754
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXC8bQpB8hGbcl25b3gsFNhs2gSMcppA%2BQWjVc4Vk8eCjRYTFsNSqDH6jcfdRGNicXYWuCmkTRNAT0GCSL%2F2BwLGDt3AKOh%2B%2F22h9evWU1NWYl6vN5dBskorm2yN63O3y3MdaFyFRBhx599b%2BqWD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e26d9f5368c-FRA
expires: Sat, 25 Mar 2023 06:56:25 GMT

GET
H2 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 27ms
27ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454754
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUdY9xa8WXf8cnSXE6S9itOFn06XjSb8fAM86saQOcFTGocxV1a8V%2F1sL8%2Bqu6KC4Lqe1pXr4iFYXoUtAqduWNxpcuPNhz6eEHKsr%2Fmg8mrNeAGkQo6HIqg31KhwZ8GxHoXMiz5zRLWDN68CNet3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e26ea0d368c-FRA
expires: Sat, 25 Mar 2023 06:56:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 199ms
137ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sci-hub.ee
URL: https://sci-hub.ee/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81a140499570e360cb09d601f7eb7da3a865abae6516013f7b0f7777dce9591a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49470
x-xss-protection: 0
server: cafe
etag: 12161527375708763004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:15:40 GMT

GET
H3 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 32ms
30ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJMznr4tYjsZmN%2B7wfue7RWdQvGDd%2ByukVvzJy2hPGlF9a3INOwBZhwVNGCafCNrp%2BaN%2FMP0dLZi1Szk6l%2BdmQ02BWF65jdv9Nm%2FVtpQzMJcKQoebGWzaAuvri67m1CEYboEllRyEaVeP5vHG3pT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e271a7b997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 116ms
116ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAQ8ujrrUHPBUHp9h3UjtpsifHid2Toik9BP%2FjpCwXF5auh3GvIL4SeCPur6bB1ni2K7RLJCZ1KSqOIa0VbCEMKTas5VfNtDUGWOVN32bh32zRESHFEhQmRG1LRP1dXhmVNprmlaFyJIq5KYwuys"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e271a7f997b-FRA
expires: Sat, 25 Mar 2023 06:58:17 GMT

GET
H3 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 118ms
114ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWCgWdpgcPv7l2Htp3Oj6nswlskkpHQ7aGmIDHWltECh%2FHbNhivn6eka3qHJkFRKQUgNTcbWsLxxdenFUXFrKxt0QoEi7RpFwoBxPsAL%2BXcpczcyMMw6C4DFzNjYg1r2gClWeMaXydEf%2F5gYAJO3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a8a997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 136ms
132ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxlqy2z5jOxbOKEC3ost88Mb0PKeC2SEKxSvASkMG%2B8Z%2FrSLO6XvvCDSxlOYivmimoFqcXrBVAjnX%2Bz8xhjEQYo4QC9nzyBBfFMONr50oS4iYbc4jSCH5G9SrGJV5RuJM0doB3Qm8gGLLTS7fv4F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a8c997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 138ms
135ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhkucc0zCPcxTYAuOrgEZMkCtbvsr%2FRwjno6pA9oFS%2Fn4BzJCPoOsWN%2F8bSm1kZdGbf%2FUOnrwBGrTiissoEw%2FivWGP6Pgw0D04saByMya2goBZEQdmDfr8u0XrAiargBwZ8CgKlFQgGhYoF5fwwI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a8f997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 139ms
135ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rNKrXOadafPsP%2B116FpRNoIMnqE%2Fy9EuaZnsOJ4%2BkOUrWsUtzpAVFRTD8ha8eVNN%2B8lHMsC0OtoF6zs%2BdMhkd6RgARIE7JJ4XYMn0E5qx4ASNWiFUp4lqMBCCFkruafazDASXkhvjgiIvQwDatE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a90997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 139ms
136ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbA1g1%2BhabZLs9mFXM7s%2FuMyEXv5KJ4k352E%2B4TwrSRID%2BUKJxhfoSwyvHf5S5PgifxZQlBhP2vrJswCZSPjU%2BIgTJ1CtPL64%2BXJTUKd%2FAlL1n1W5KwOrE98ZJI6G9sqbhv%2BMWt3AKZSODmQDmTh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a91997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 139ms
136ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSfO38lDV2szMQBAaoJGadTkeTDNV12B5dl0tQcCmqcaP5XbQ%2B7ZdvXkDDPMPD%2FRjOqMbYK%2BfpCdPJj%2FjXrpBNqog3RQGmXBdcpsyiVgCf779KwkeNFj5dC6JyTec6987r92xI5D53Kt3gV2uRnZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a93997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 140ms
137ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSIqvCu1lLKCyCDY47whX20oKb9%2BIoEzYORgCxJIYZd3XywMmFlq4P30R95VdxrLo7cJOo%2FUWir7%2BIQuPskFLM%2BkO3xdVhNKlv7G7hrwZ0lKWVA2Xpp8N7mvkuesqz80Mru0yybOYFy%2BW1lRHQdZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a94997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 140ms
137ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9h9VfK1mxCM53ok7TrdE0SD4u%2BFaW2vnk6wfwu6f%2FeeW3APeGsN542Ol7npYOWMm89569rGVrtedNndTOZJTI%2Fj5xeGa7XySYEyujfXprYUKw8U0MmRWbi%2FgkDLU0%2Bduh3GYbSWbxldS91PZC0T"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a96997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 140ms
137ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRZYV4Az3YblmtVFq4XkOYL9yxUA5Hiq379bgf2EOVOLfk7ufhlrfxmRdE%2FzCIx1I2S0r6hZUWltOvSEp9BISsQRLMl0WfXSLGImMhd4Bl%2FAC8dNmv4GYzHUIfGHzqmWrsEQOvZ3GD1OrYQcczER"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a98997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 153ms
151ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn7ZoY2qdIeaEpR1OXKdkVaysx%2BwqIviPfPMD833wa9ULBynkO8vPSYrmeaeQ0Gq68oiIsJUkeMQhne9StwQcGAikg63kYwQbv7bztuB05W3Sz%2Fy3WCGr7Ciwt%2F%2FzgPbYWe%2B9BD3TGKKv%2Bwyh4ns"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a9a997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 154ms
151ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKWz0kY5e%2B5okxOK43Cqc3wJKZdG03v908isj4ZmwPn%2FQkN6YGt73oridGj00T7lSpe9Fc96nAxr%2F1xGys6HPnuPPOcv9SNW29vwIBb%2BWtdcksehEJhJFXOaIyW7mszuceSkDY8R4wbMHrOJfo1O"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a9b997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 154ms
152ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDK4VYHwblJiiOKUA6UzZrcGuvwAXyKsFYN8Ym%2BFd0PuHxj6pGX5v20652ibUZA5%2FXo2B4lvKCJtE%2BfvqGRfoQg7xeKN1%2BygXdp4jVGvTLuDXAENCgEov8sxW5zFHLZd5HCLImjrKaXQ8t87eNHj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a9e997b-FRA
expires: Sat, 25 Mar 2023 06:58:17 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 154ms
152ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 454366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLlPJ1pwCsviVboZp0aSope02CWDghLhqqDsECGiUCjHa3W14v%2FK3%2Fynvhf2oSaRMoJelrh0sIYeiWyR4eOm7E4kgG%2BK%2FgJCyFRVeqvA6eaF%2Bq3dIcupqaIa%2BelHKVnIzLizMKyAdAS1NPCjp2oT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a096e272a9f997b-FRA
expires: Sat, 25 Mar 2023 07:02:54 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 107ms
106ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.ee
URL: https://sci-hub.ee/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 454764
etag: W/"5c00bef8-a5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXhSS82m2muWc5P0sBki1nCEJlKHjT84foX9TfZk8RjhmxbJErgpv3c%2FX%2Ffb%2Bw%2Fh7rAkgXxsrQvLCuoEDKkS1OIVjaRBcyZJfuq%2BkXTJ%2F6t0jxnGLis9phvtTKxnryNLWKAqs6Na2YIJ31v9cuVt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a096e277afb997b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 18:56:16 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 366 KB
121 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4233fdce81ee4f6a870a666984670d6139c6293203c8f8ffaed1a6edfc8098aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123270
x-xss-protection: 0
server: cafe
etag: 9262178888797325166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Feb 2023 13:15:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/ Frame D112 10 KB
5 KB 70ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 20:30:30 GMT
etag: 2378337311435320485
expires: Mon, 13 Mar 2023 20:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
600 B 99ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.ee&callback=_gfp_s_&client=ca-pub-5451336487934366

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5451336487934366&plah=sci-hub.ee&bust=31072479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d556eccf38e1ad4e2040e7c4be64a72a166d344b1ed51f132046f237951b331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 79ms
30ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sci-hub.ee

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 105ms
32ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.ee

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4681 72 KB
23 KB 488ms
487ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140254&bpp=5&bdt=426&idt=211&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&correlator=3692030596297&frm=20&pv=2&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=X2TYbP26ag&p=https%3A//sci-hub.ee&dtd=232

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c128b791b2088905685740ca5d3a2042d8e92f80a4c18c3ba3f24ba26065c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23646
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Tue, 28 Feb 2023 13:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.ee
URL: https://sci-hub.ee/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB48 2 KB
664 B 81ms
80ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&adk=1812271804&adf=3025194257&lmt=1677590140&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.ee%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140271&bpp=2&bdt=442&idt=241&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=528x280&nras=1&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=259

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

760f0378a60ceb9aaf46bb32b3f971187cb7f7c15e7f6c16a45e3015a4f5f1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 464
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Tue, 28 Feb 2023 13:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sci-hub.ee

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.ee

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67EB 26 KB
12 KB 339ms
337ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0&nras=2&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=nbynEKSz2V&p=https%3A//sci-hub.ee&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

591e3eb39b18c9b5a89a3b1abc73d76b738ccfe6fbf9aa987a44f17f98a751c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11901
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Tue, 28 Feb 2023 13:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BE2 26 KB
12 KB 163ms
163ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c86f9e13582b1dd6eacabb3ab6f7c75a8403cc9dd0eef69c0a7a7e28bc146c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Tue, 28 Feb 2023 13:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6817 430 B
230 B 204ms
204ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.3357258965~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=IW3VLjrhcV&p=https%3A//sci-hub.ee&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d169c9f71196ce767a338dbc4306f2142c880ecfb3be8a50d68f205a2844be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Tue, 28 Feb 2023 13:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F7D 26 KB
12 KB 239ms
238ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab648d9a24739ec1925514c55be50352eb98446017057d094bb1dfe5f9079af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12190
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Tue, 28 Feb 2023 13:15:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-5451336487934366&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230226_093409&sat=1677575829325&afm=0&as_count=1&d_count=0&ng_count=0&am_count=4&atf_count=0&mdns=0.048&alldns=0.239&allp=9&fd=(0%2C8%2C7)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=5867&abl=false&rr=n&su=sci-hub.ee&pvc=1281987990408366&r=0.1&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479

Requested by

Host: sci-hub.ee
URL: https://sci-hub.ee/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 5BE2 3 KB
1 KB 80ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 5BE2 20 KB
9 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5BE2 0
0 84ms
31ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYzGM3WMuKocQBgyoNLt5z119bwl7ftwbhBZzEqAccrkd8e7qm3x2sDWEYKLv98ihwX55qIxoIKWXWfesX6kPpQqfE8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BE2 158 KB
49 KB 89ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 13:15:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5BE2 0
0 75ms
74ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpJ28fP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLUBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjBTSA0pYcdv8jqKGeYQ0SPBc24z_YRaCl7wtiXcmPCQ8CfLxbx8FoAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTQ1MTMzNjQ4NzkzNDM2NhgA&sigh=gJT53P1m7h8&uach_m=[UACH]&cid=CAQSOwDUE5ymUw1UbQoityRWEC22RS9jI89hjYzeXJuffsNGq22DW18sUPmHmUc8ekzXGOAdGYsqvxnOPSCxGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5BE2 0
0 139ms
31ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kNL1Fcz6RLAJmAKdg2ICAgAAAE6MsNyRbyQ_EHz-_WPgPuVElc81Sn4pAAASAAAKDkFRVURCUVlCQlFFQkJR&wp=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 280306
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A385 119 KB
42 KB 187ms
100ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKjDEIFVtnAAJvjGnEmCZ6PQbxoZBA5Q&u=%7CcTrZdsaM2Mqbp4hTF0Z37EXOUCXVLg6gA44lMD%2BX3Bw%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDwBBGcpt19KxeeM5KbBpqVU7NsoipS84tXLWKDrAhTxwhpLn208dkIuz5J_TR6p0woNS1DkHhB1NZFUUhSmglBdKUz2WlmVmdj0tIDM3uEHPlAY6zpoSr3sEmYaOJm6p_RyInrAp5Rv5fAetw7g5WeuJZJINoS7Rbl91fKTU3zKpWOFzrFKYE_XjJ7bjxq9OwBHFmIRAkYdxVgDOcrIkXusebLSkqUVj0YSfQRLMqHg9kOvpvfxyv_70Ekytm1qq2eqygp7OqCth1KkkGbytWJluN4FzrB-FFfCkXc6Y2g2OEq8EHCYV278Gzr8PJtjRaHvVEj1iiNIpJ04Y1SleX2eQg07XWNeYoh0ALHBQWpEFwczRnbtCeRPA84jgHBzYY57Ug7AWXzysGS0TKbJgDNt73irx9dd9Z-FPJPyjc-DcXmtVjufL_G8uGSbyP6UbI8caMY3zPWQHNK0_-5ZHBfoh2hHwLYytOV2sbz2eDLDBtEKZRbDuNp7XA0HypTEhTcENcMRsOYXT1RcZYoisQdnib7XzMuNASs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD6pLfP79Y7GYKue21fAPjN-JEMme0rFcvfGU93DAjbcBEAEgAGCVuoCCmAeCARdjYS1wdWItNTQ1MTMzNjQ4NzkzNDM2NsgBCakCRgbXb-PIsT6oAwGqBLgBT9A0_PdSFCZjFsYKXgrZuAASVO0CS5KWfqaG2YFuFAbMK8Y0RtvJi8u-2OaksWEz8tZVv7Zl2osSwYO0wZO8rqw-iuAXVk2JxdvQnQZiGnbfAaayj0LfALmfyyeRqLdDE2Cg_ucSVM2-F8NN8C7JAUuEzZDkQtDVtvcl-vc1KHZE16iFil9y66d4mcBCRjARSiy75kjz4YUWDUXA7IU5eno5S450EtxEfhh6ak-O3D9ObzhvqX_D3IAGwaT8zOzRjo_DAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3oBQdj7xFdZI8eKXVurSPL6VzUYQ%26client%3Dca-pub-5451336487934366%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ac916e2d317e4ff09b704a61c5664fc166e74179491d60cc17d95f482afc2a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hqmh1It_G4ZXIPG8tSmTe63h3HKkM2PW47DByjFmt4H7F8qZlqtZCymCNCRy_N7J7S7b8bD6jgL-jSshukwlL2N0Q_CRJAqS5zhJnmPxIadjda6UeQQ-75r9HMzvMf0PuUh-FUW0Dkz_q0YAfk7F3DbTaltbeqV4ucS-qSaRHISs5dKzdvUp5h01A10yj4wJY77kr8L5GKs2nv3m2XWX31l0JaBAdYbI1CotVaFedWkIjxFUIElj9kRKCl4"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 25682202
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C117 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 17:13:05 GMT
etag: 48472445140208031
expires: Tue, 28 Feb 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7F7D 3 KB
1 KB 55ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7F7D 20 KB
8 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 11:09:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 11:09:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7F7D 0
0 58ms
32ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTY9fLIGGZNd19_-u8LoBem5kHijZQX-nDpgeFb-ZfUX_5T-3vgtbrKSv-oq_aBR1CP66eiXXbvbvJmFpGOveJCkfdeVA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F7D 158 KB
48 KB 97ms
69ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Feb 2023 13:15:40 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=3809598800&adf=4061442901&fmt=1200x280&str=true&ad_y=3320.96875&vph=1200&r_nh=0&r_ifr=true&qid=CIPgqKOmuP0CFbpmFQgd9Q0KcA&w=1200&h=280&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fsci-hub.ee%2F&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479

Requested by

Host: sci-hub.ee
URL: https://sci-hub.ee/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sci-hub.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7F7D 0
0 70ms
68ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY0_-fP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEtQFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFSckJb4WYjH6_yhTfJf41TtT6zOsCJ5KcjY2h63QK5MzUJNUjmvGxJgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NDUxMzM2NDg3OTM0MzY2GAA&sigh=G2cfdk4lGDk&uach_m=[UACH]&cid=CAQSOwDUE5ymXjdNaSrLhmV1vBsts9CQkGHyv7euKONkMFYrnsO1RVqV9EHkaj9M4Ij7ydGRKJtPUy7mPeYAGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=1733119465&pi=t.aa~a.2054722437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=1&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=1kTMStLoPp&p=https%3A//sci-hub.ee&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Feb 2023 13:15:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7F7D 0
0 114ms
31ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kNL1Fcz6RLAJmAKdg2ICAgAAAE6MsNyRbyQ_EHz-_WOPU7odkGsYrICCAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 13:15:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 267916
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C22B 120 KB
43 KB 121ms
59ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y_3-fAAKst4IFUkIAAJeovDlUalR4vaTkAwsfQ&u=%7CcTrZdsaM2Mp1%2FR6RoBHHO1tOQjC8dU38n0HxTPsczZU%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wPxisfozUOq3apJAYgATzDz2OtWerTsde8asZSRzcrOt21RiYc9zsekYsXeuwwiBQP-9scKZrKlgyGbG1ubq0c2mI8FdVpdKCh_c7jyOW34M-KX5ganBAQdmlKrJ4trC8IrFN0MRUJLfrdIvQSaiXxivaxA9c48DQsggUzL6bx-lUcoL4QAIyf7_pISUt566bGp7rH45spHv7EzmMraEGB5sVqHcCvE6DKYh5wR9N3o1gpR9qJ7y2KPV6Exzm3YS8E2dIhvXEDlrFsRKz2RZ-3NsP6f6Yt3U_afnuoV5fFDeD0PbnQEg14zJ8K7-ijk3jZKdfiLGu8JzxE3gPwcbXkQjRoc9uYAZFM_YIg_EgnoytzOmIQtwGbrEuN2tclZ_BKhlD1xBM111vrMTZyDUEwLxPJCSPq8VkcRQ4AA4viEcEm41XcgUIwKCNe_CO-AkWjPCcDuPIBK5ZxPuHBfUMeyD0IeY6-LwxGZgXl8zaQJE0XYnjU07d3AzcNTJv5io2nnywEUIluVbfkrA8bzsuvXrdaPvaObG4J6JRqNWv9aRlr-89mFjGpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0mIZfP79Y97lKoiS1fAPor2JiAzJntKxXNX24taTAcCNtwEQASAAYJW6gIKYB4IBF2NhLXB1Yi01NDUxMzM2NDg3OTM0MzY2yAEJqQJGBtdv48ixPqgDAaoEuAFP0ESFBeX7IaFt8lX-NFmDMhPSp-9GD2xXN900A2lG0A3eOWeCHrMoRQ0NeunuIoFzrgaJ7ruK0VMQzA5JpaGqLFI5wra6_IpDWU-c8TGcTcHqnap2FwAQsVpUOQeuOQqdx82dBwcl4B97RpXhkB3TXYrwpw8OpnfJzAns2bWKtNs26YXybEiqayZJRzFScgBZwPSkkDPhOqvd3F1uE8a6Lso_7ok74dyy4KRLjCslLc1MOH_2EdaZgAbBpPzM7NGOj8MBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1r_tbYWHll43-L-98dbMDOX-w55Q%26client%3Dca-pub-5451336487934366%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a361f91395f1de8036b86f4b31d34814cc4f7c2109cb2f9192a0fb26eb4dfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 13:15:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GZsyuYt_G4ZXIPG8Vzxb4c_yXFHXJMmSiEg_3OyML_5kXjlmgy5Wv6HzlegUSEBn_6oJg_KOCaDVbhBT1oHqHTfu-CPDsCcE1HMDbHokWahjKigN_M9t4wGqIusW-mIzVACl0gHtcmRnZGXdRaJE5bgToCX53ZGwj107PhcELRR998tCFVGNZIn05_5-ZyJ3jl61cpVbU99cBP9-3Hy7yyExWwCcb0ipdCgktCp2odJTyyuQmCWvomS8s3c"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 19020992
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 450C 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 17:13:05 GMT
etag: 48472445140208031
expires: Tue, 28 Feb 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame C117 0
104 B 249ms
101ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJdNGG6EOcxg1jHbdHUS5hY&google_cver=1&google_push=Aa02lx-Vz3XJ1MT45kaoaG-RM6MlVJJ3Qpztp2-rB6B9iDWDl8Lv62oFqoPU6VhAnGnH8WvgSj0yskb3K5_3vRvekOtj4EiA3hGv
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 13:15:41 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C117
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmr...

43 B
412 B

198ms
196ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 13:15:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a096e2eede23684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 13:15:41 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1096
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOkCR28PbSSbzsHP6aX6jxw&google_cver=1&google_push=Aa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-w9xaaJxWXCGUGUBohEPpTkghEnGzTCZfw07CNDFtzOABCFbQ-2QTrymw62z9f4sqfUjdEgVM-9O2iczstCv9aUf9djmru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a096e2d6aff3684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C117 70 B
265 B 153ms
47ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBMmIYWgqMECcpuRS7Gu0-Q&google_cver=1&google_push=Aa02lx-UhsCB113wa9DwrUhFcoEyBkif2WBkELHCVEVkW3kmX4-muY5oGhcxM-UWPiehJ_e79SK0IZ75AWHxLUPpW5jA71o5d54
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677590140&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fsci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677590140645&bpp=1&bdt=817&idt=-M&shv=r20230223&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4b81ca31c7a681ec-227472f52fdd00d5%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ&gpic=UID%3D00000bbd2ee3f397%3AT%3D1677590140%3ART%3D1677590140%3AS%3DALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3692030596297&frm=20&pv=1&ga_vid=911465623.1677590140&ga_sid=1677590140&ga_hid=1276346261&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072479&oid=2&pvsid=1281987990408366&tmod=1666576914&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=ETJ5Vga3Ys&p=https%3A//sci-hub.ee&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 28 Feb 2023 13:15:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C117
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH27xe2yRltccDZ_M-IL-8E&google_cver=1&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx9zyIoQ6zm5tZHjRLDPsc1HCtUKyF1jStN1Axrx5gecBfVX7ezhMHvv61GQWydD0YwfYwxmMEA3rnFRE94fk-ZNCzI41s4T&google_hm=eS1VMXg4bDNsRTJwRnhqNj...

170 B
188 B

42ms
42ms

Image
image/png

172.217.18.2
GOOGLE

sci-hub.ee Open in urlscan Pro 2606:4700:3032::6815:a85 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

164 Requests

87 %HTTPS

60 %IPv6

35 Domains

48 Subdomains

34 IPs

11 Countries

1881 kBTransfer

3855 kBSize

26 Cookies

4 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sci-hub.ee
2606:4700:3032::6815:a85 Malicious Activity!

Screenshot
Live screenshot

Full Image

164
Requests

87 %
HTTPS

60 %
IPv6

35
Domains

48
Subdomains

34
IPs

11
Countries

1881 kB
Transfer

3855 kB
Size

26
Cookies

164 HTTP transactions
4 data transactions