urlscan.io logo urlscan.io
SecurityTrails logo

sci-hub.yncjkj.com Open in urlscan Pro
2606:4700:3037::6815:290f  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://sci-hub.yncjkj.com/
Submission: On November 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 2 countries across 19 domains to perform 134 HTTP transactions. The main IP is 2606:4700:3037::6815:290f, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.yncjkj.com.
This is the only time sci-hub.yncjkj.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 26 2606:4700:303... 13335 (CLOUDFLAR...)
24 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 64.233.167.156 ()
3 4 142.250.185.226 ()
2 4 2606:4700:440... 13335 (CLOUDFLAR...)
3 4 37.252.171.53 ()
5 2a00:1450:400... ()
1 2 54.76.140.215 ()
14 2a00:1450:400... ()
2 142.250.185.98 ()
1 2 2a00:1450:400... ()
2 2606:4700::68... ()
1 1 2a00:1450:400... ()
2 2a00:1450:400... ()
2 2600:9000:212... ()
5 2600:1f13:800... ()
2 3 88.212.202.52 ()
134 27
1    2606:4700:3037::6815:290f (United States)

ASN13335 (CLOUDFLARENET, US)
sci-hub.yncjkj.com
26    2606:4700:3034::6815:9e6 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sci-hub.shop
24    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
15    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    64.233.167.156 (None, )

ASN- ()
bid.g.doubleclick.net
4    142.250.185.226 (None, )

ASN- ()
cm.g.doubleclick.net
4    2606:4700:4400::6812:249b (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    37.252.171.53 (None, )

ASN- ()
ib.adnxs.com
5    2a00:1450:4001:812::2003 (None, )

ASN- ()
www.gstatic.com
2    54.76.140.215 (None, )

ASN- ()
fw.adsafeprotected.com
14    2a00:1450:4001:82b::2006 (None, )

ASN- ()
s0.2mdn.net
2    142.250.185.98 (None, )

ASN- ()
googleads4.g.doubleclick.net
2    2a00:1450:4001:810::2004 (None, )

ASN- ()
www.google.com
2    2606:4700::6811:180e (None, )

ASN- ()
cdnjs.cloudflare.com
1    2a00:1450:4001:810::200e (None, )

ASN- ()
gcdn.2mdn.net
2    2a00:1450:4001:12::7 (None, )

ASN- ()
r2---sn-4g5lzne6.c.2mdn.net
2    2600:9000:2127:400:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
5    2600:1f13:800:7780:508b:8538:272f:fcf (None, )

ASN- ()
dt.adsafeprotected.com
3    88.212.202.52 (None, )

ASN- ()
counter.yadro.ru
Apex Domain
Subdomains		 Transfer
39 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
472 KB
26 sci-hub.shop
img.sci-hub.shop — Cisco Umbrella Rank: 336502
586 KB
17 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r2---sn-4g5lzne6.c.2mdn.net
175 KB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
155 KB
11 gstatic.com
csi.gstatic.com
fonts.gstatic.com
www.gstatic.com
66 KB
9 adsafeprotected.com
fw.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
170 KB
4 adnxs.com
ib.adnxs.com
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
3 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
136 KB
3 yadro.ru
counter.yadro.ru
1 KB
2 cloudflare.com
cdnjs.cloudflare.com
29 KB
2 google.com
www.google.com
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
119 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
601 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
91 KB
1 yncjkj.com
sci-hub.yncjkj.com
7 KB
0 kitbit.net Failed
kitbit.net Failed
0 pluso.ru Failed
share.pluso.ru Failed
134 19
Domain Requested by
26 img.sci-hub.shop 5 redirects sci-hub.yncjkj.com
24 pagead2.googlesyndication.com sci-hub.yncjkj.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
www.googletagservices.com
15 tpc.googlesyndication.com googleads.g.doubleclick.net
sci-hub.yncjkj.com
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
14 s0.2mdn.net sci-hub.yncjkj.com
s0.2mdn.net
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 dt.adsafeprotected.com googleads.g.doubleclick.net
5 www.gstatic.com googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 csi.gstatic.com imasdk.googleapis.com
3 counter.yadro.ru 2 redirects
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 r2---sn-4g5lzne6.c.2mdn.net sci-hub.yncjkj.com
2 cdnjs.cloudflare.com s0.2mdn.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 googleads4.g.doubleclick.net sci-hub.yncjkj.com
2 fw.adsafeprotected.com 1 redirects sci-hub.yncjkj.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com sci-hub.yncjkj.com
1 sci-hub.yncjkj.com
0 kitbit.net Failed img.sci-hub.shop
0 share.pluso.ru Failed img.sci-hub.shop
134 30

This site contains links to these domains. Also see Links.

Domain
vk.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-17 -
2023-12-26		 2 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 16 frames:

Primary Page: http://sci-hub.yncjkj.com/
Frame ID: D8FCC0671B30849F11032B04AE002BE4
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 8CCA4204616167261CDDE8518B8D454F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&adk=1812271804&adf=3025194257&lmt=1699267051&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1699267051006&bpp=3&bdt=617&idt=231&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1899493881265&frm=20&pv=2&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: 9747F824A21A76614A515AAF6BD25EBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Frame ID: 76A2E416861D49FEA5FBB6DBD729F45C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Frame ID: CB687C2850E8DE92F03845A86A480D0D
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNU_yWkwtN8txwuLsauLM7ap7NToc2nMZdMWWDGtQLcACmhap6opz6T73D6lh6WOxVRQVmB5rdRMHIEJbNyJE1J8zAN5BMDnlxoX1AwkE76KsxZ5cs8LwHfm9a3FJ1uAlHV7owzUfJP4fmx36cpMgue2rHBnCO-360TVGFGyMmCjm06BBjM
Frame ID: 76AE6620AE52CC487511876D44C0D062
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 725C4E163FDF446014E03D17DC8562B1
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1565C788CA035B8F14A76F94774A54C4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9D079352926B67CEC2B6EEFC0505891E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0E16E11944B6924A5C51333727500797
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Frame ID: 91B63B88170D66DB64594D712D12226D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 115E3B38705B52F810D418AE3961D354
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6F006BDA25D0B58372862072AAF488FB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7446E85FDAF1BF89CF19065C6636FFE3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01FDB9FA7A15A72BC405A5C9A4BD4F6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AAC8371F28DAA5865E4BC873D3E212A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sci-Hub.Se: science hub

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

134
Requests

72 %
HTTPS

78 %
IPv6

19
Domains

30
Subdomains

27
IPs

2
Countries

2006 kB
Transfer

5073 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://img.sci-hub.shop/scihub/jquery-3.1.1.min.js HTTP 301
  • https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Request Chain 1
  • http://img.sci-hub.shop/scihub/jquery-ui.min.js HTTP 301
  • https://img.sci-hub.shop/scihub/jquery-ui.min.js
Request Chain 2
  • http://img.sci-hub.shop/scihub/openapi.js HTTP 301
  • https://img.sci-hub.shop/scihub/openapi.js
Request Chain 3
  • http://img.sci-hub.shop/scihub/medal.png HTTP 301
  • https://img.sci-hub.shop/scihub/medal.png
Request Chain 4
  • http://img.sci-hub.shop/scihub/key_1.png HTTP 301
  • https://img.sci-hub.shop/scihub/key_1.png
Request Chain 7
  • http://img.sci-hub.shop/scihub/top-back.jpg HTTP 307
  • https://img.sci-hub.shop/scihub/top-back.jpg
Request Chain 8
  • http://img.sci-hub.shop/scihub/logo_en.png HTTP 307
  • https://img.sci-hub.shop/scihub/logo_en.png
Request Chain 9
  • http://img.sci-hub.shop/scihub/raven_1.png HTTP 307
  • https://img.sci-hub.shop/scihub/raven_1.png
Request Chain 10
  • http://img.sci-hub.shop/scihub/map.jpg HTTP 307
  • https://img.sci-hub.shop/scihub/map.jpg
Request Chain 11
  • http://img.sci-hub.shop/scihub/about-marker_en.png HTTP 307
  • https://img.sci-hub.shop/scihub/about-marker_en.png
Request Chain 12
  • http://img.sci-hub.shop/scihub/quote.png HTTP 307
  • https://img.sci-hub.shop/scihub/quote.png
Request Chain 13
  • http://img.sci-hub.shop/scihub/quotenext_en.png HTTP 307
  • https://img.sci-hub.shop/scihub/quotenext_en.png
Request Chain 14
  • http://img.sci-hub.shop/scihub/pone.png HTTP 307
  • https://img.sci-hub.shop/scihub/pone.png
Request Chain 15
  • http://img.sci-hub.shop/scihub/ptwo.png HTTP 307
  • https://img.sci-hub.shop/scihub/ptwo.png
Request Chain 16
  • http://img.sci-hub.shop/scihub/pthree.png HTTP 307
  • https://img.sci-hub.shop/scihub/pthree.png
Request Chain 17
  • http://img.sci-hub.shop/scihub/people.jpg HTTP 307
  • https://img.sci-hub.shop/scihub/people.jpg
Request Chain 18
  • http://img.sci-hub.shop/scihub/join_en.png HTTP 307
  • https://img.sci-hub.shop/scihub/join_en.png
Request Chain 19
  • http://img.sci-hub.shop/scihub/joinvk.png HTTP 307
  • https://img.sci-hub.shop/scihub/joinvk.png
Request Chain 20
  • http://img.sci-hub.shop/scihub/jointwitter.png HTTP 307
  • https://img.sci-hub.shop/scihub/jointwitter.png
Request Chain 21
  • http://img.sci-hub.shop/scihub/joinfacebook.png HTTP 307
  • https://img.sci-hub.shop/scihub/joinfacebook.png
Request Chain 22
  • http://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2 HTTP 307
  • https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Request Chain 23
  • http://img.sci-hub.shop/scihub/pluso-like.js HTTP 307
  • https://img.sci-hub.shop/scihub/pluso-like.js
Request Chain 51
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
Request Chain 52
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUjB7tsxEZSSC0Y2tT8qngAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
Request Chain 53
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHL474EkiHmgm1nNa4mymF8&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHL474EkiHmgm1nNa4mymF8%26google_cver%3D1
Request Chain 54
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwODY1MjQwOTU3MTc3OTYxNw%3D%3D
Request Chain 84
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 101
  • https://gcdn.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/528623ED77A0A4832D0C56013AA11FD642A0AC16.603DD6DB6CFC4EC525DCF96020E61E760BBAA450/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0C6E10BC0A20A88D7937ACC543A565567A8225E8.17E7EE97F57B71823809F13F5FBEB0B68AC9A6FC/key/cms1/cms_redirect/yes/mh/SL/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1699265994/mv/u/mvi/2/pl/36/file/file.mp4
Request Chain 103
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-4835842337459824&ias_chanId=1&ias_placementId=20492286635&bidurl=http://sci-hub.yncjkj.com/&ias_dealId=&xsId=ABAjH0gvwvZOHoehgsFDeWBOs0vh&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gvwvZOHoehgsFDeWBOs0vh&adContainerId=brand_safety_7sFIZeyoJs-QjuwPormvyAQ&cbFunctionName=goog_wrapCb_7sFIZeyoJs-QjuwPormvyAQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fsci-hub.yncjkj.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4835842337459824%26output%3Dhtml%26h%3D90%26slotname%3D7008805130%26adk%3D156955669%26adf%3D2653041513%26pi%3Dt.ma~as.7008805130%26w%3D970%26lmt%3D1699267051%26format%3D970x90%26url%3Dhttp%253A%252F%252Fsci-hub.yncjkj.com%252F%26wgl%3D1%26dt%3D1699267051009%26bpp%3D1%26bdt%3D620%26idt%3D256%26shv%3Dr20231101%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D1899493881265%26frm%3D20%26pv%3D1%26ga_vid%3D482183071.1699267051%26ga_sid%3D1699267051%26ga_hid%3D871266505%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D315%26ady%3D1020%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079080%252C31079404%252C31079408%252C44807048%252C44807335%252C44807455%252C44807463%252C31078301%252C31079424%252C44807406%26oid%3D2%26pvsid%3D555664614903246%26tmod%3D1569905068%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaE%257C%26abl%3DCA%26pfx%3D0%26fu%3D0%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D6SWJDkhKG3%26p%3Dhttp%253A%2F%2Fsci-hub.yncjkj.com%26dtd%3D261&adsafe_type=bed&adsafe_jsinfo=,id:d7418248-9ac7-52a4-50ad-8622bcf04c3b,c:tbC1OW,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-554d68d5bf-jks76,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tUPdohp+11%7C12%7C131*.1627455-73523880%7C1311%7C13121%7C1313%7C14%7C151%7C152,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:28,oid:7f7b35aa-7c90-11ee-8414-028f520a03f1,v:19.8.458,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0gvwvZOHoehgsFDeWBOs0vh&ias_xappb=&adContainerId=brand_safety_7sFIZeyoJs-QjuwPormvyAQ&cbFunctionName=goog_wrapCb_7sFIZeyoJs-QjuwPormvyAQ&true_pb=
Request Chain 120
  • http://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1

134 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sci-hub.yncjkj.com/ 		28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sci-hub.yncjkj.com/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:290f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20b2fcab30b66f640e67386c77865ec85204300da2d58c087e85d924c1ce1f58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
821cb3958c4a9072-FRA
Cache-Control
max-age=43200 no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 10:37:30 GMT
Expires
Mon, 06 Nov 2023 22:37:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nScGVEMEVs6qLP%2B%2Bta7JL5dPPN3GnB4T%2B38DkcInLGQf7EVHlqTPnM0xuiAMNSP8Cot2QidLzh2GMJDZ1imYTUewQdOP%2BylZqmfM2VLqyw8K%2F6hRmY1gMt%2FeuO99h4IeMmylj3ZIsyGZ0QOYRPZqIrU%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Cache
MISS MISS
alt-svc
h3=":443"; ma=86400
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
  • https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2535393
etag
W/"5c00bb7c-152b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrn0TT1r4Jq6jRQIeLDFQXjebTrXZEsSZ44ahMgbK8HAP80%2FmjHBxb%2FZt1njczJj6EDq0DiM8rM3dA0%2Fow190WUGlA5BgxamJaGFhnbx%2F5moLsyu91e9dO9di1I271ncKqp09sjvLYWx3X0PtUAv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
821cb39aefed9219-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 08 Oct 2023 14:20:57 GMT

Redirect headers

Date
Mon, 06 Nov 2023 10:37:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVaZa%2FfOUuJ6frbLftZg84rqXxhlqMfbSvf5YGtv%2Bsk9UjFB2PsMBYGRXdZdp7cLwjGcCNTSzWdmMwdbasbayfNnmEmJTo%2BGW8Ko14f4pMc78BoJWoJRBsskVumGB05snbRMTG5bjIH8p83zA6p1"}],"group":"cf-nel","max_age":604800}
Location
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
821cb39a38071cc9-FRA
alt-svc
h3=":443"; ma=86400
Expires
Mon, 06 Nov 2023 11:37:30 GMT
jquery-ui.min.js
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/jquery-ui.min.js
  • https://img.sci-hub.shop/scihub/jquery-ui.min.js
248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
439105
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 14 Dec 2018 08:14:20 GMT
server
cloudflare
etag
W/"5c13665c-3dee4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJGrZTH%2Fh%2BI%2F%2BNY0Dd3avp9C2UhsTCBsxI%2BQu4YHUDYG04bXhdrL32gbmm0JxSH4zPF8rO1y32mW4XcyhLoYspD3VCGVcXI7b%2F4wq3rrAUcHMfDaK5PTldVQ%2FJvKnY3puOaVjPeE4ZEk4H7LrJnR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
821cb39aefe99219-FRA
expires
Wed, 01 Nov 2023 20:39:05 GMT

Redirect headers

Date
Mon, 06 Nov 2023 10:37:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iednw%2F79cSwWL0Z%2BttqoeUNyq2lUsd%2FjOrU1VafDkS8%2B67GXto9gARlN%2F32ZlYNlLb4NTpgrzJPMZqwPnnUdCakbP5vBbedQ4gkpmjPAkpR2FPeSdV17BmlzkZEixtjxwp4AMUVCG2OM1W39NFe0"}],"group":"cf-nel","max_age":604800}
Location
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
821cb39a4f069122-FRA
alt-svc
h3=":443"; ma=86400
Expires
Mon, 06 Nov 2023 11:37:30 GMT
openapi.js
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/openapi.js
  • https://img.sci-hub.shop/scihub/openapi.js
94 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/openapi.js
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2535393
etag
W/"5c00bb8c-1798d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhoI3V%2FkfJVzqsq2QVFV%2BmQo%2Brhoy8WYZ30CCl%2FNRxQmv%2F03w2SB8kkxE%2FPFOHF7paGmmigpZn9sdfIIdlmx%2B0V7RRW%2F7p45knxOx2ePGSNPfLfix%2FYsTZe3S0r0h5Dx8UC3bBO6PiaH9qEQIaT%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
821cb39aefee9219-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 08 Oct 2023 14:20:57 GMT

Redirect headers

Date
Mon, 06 Nov 2023 10:37:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZPznIggn2yFQAxl9KttqhoP9MSUr4CwnsJCyZGwST04R9wJuHSxFVftK%2BPNW5%2BrfeaLhGrg%2BD6sC8VceBUWuBynFnkTjiMhRgp0gxxWX%2B9qQegXlS9fBwEDYlNRFyhEn3KEfkZCHthS7pmjzoH3"}],"group":"cf-nel","max_age":604800}
Location
https://img.sci-hub.shop/scihub/openapi.js
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
821cb39a4c449113-FRA
alt-svc
h3=":443"; ma=86400
Expires
Mon, 06 Nov 2023 11:37:30 GMT
medal.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/medal.png
  • https://img.sci-hub.shop/scihub/medal.png
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/medal.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2535393
alt-svc
h3=":443"; ma=86400
content-length
22275
last-modified
Fri, 30 Nov 2018 06:13:38 GMT
server
cloudflare
etag
"5c00d512-5703"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gabgxUA9IYlVumxmIidN5tmCZhDspKuvVm%2BDwgX4cPuJsspvBFIP%2FL0y8zZWf5x17oavQ72fu1GmPh2cN3t8NNmo8dO8m4HjXzvPI32qROpILOKp3d%2BlOmt2hKFApzf7zAKputoaODI6WRVx288n"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39aefef9219-FRA
expires
Tue, 07 Nov 2023 02:20:57 GMT

Redirect headers

Date
Mon, 06 Nov 2023 10:37:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjQF1lLV%2B8eS5CRh33Uk71AzEN6yvByc5rzMV4khKBVC7f3djSq%2Fm1qzv%2BFzj5cCQLi0%2BoT%2FkX8Ced%2FzdfAjcPOLcpHTYu%2BERr73xbqsD5ZXJG%2BwicU%2B5Vg9UDscqtmsplkm1DhY80zgyU05hMPo"}],"group":"cf-nel","max_age":604800}
Location
https://img.sci-hub.shop/scihub/medal.png
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
821cb39a4da165d2-FRA
alt-svc
h3=":443"; ma=86400
Expires
Mon, 06 Nov 2023 11:37:30 GMT
key_1.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/key_1.png
  • https://img.sci-hub.shop/scihub/key_1.png
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/key_1.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2535393
alt-svc
h3=":443"; ma=86400
content-length
8428
last-modified
Fri, 30 Nov 2018 06:13:40 GMT
server
cloudflare
etag
"5c00d514-20ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThFVcygLI%2BtyFN7mtRBll2JZN7SraRcy%2BOO7npNxR8ftBRaUlpbJmK%2FSc9ZXB5dhVQdFoTnKsaXG%2BXh9qsKajvN25NpEXXtEzt0qxvH%2F25PPTUso84QIwLEWqDh6gyBXTzLv6BedI%2BCldiAeit9w"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39aeff19219-FRA
expires
Tue, 07 Nov 2023 02:20:57 GMT

Redirect headers

Date
Mon, 06 Nov 2023 10:37:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQSO0x6wI9SX%2BnFnFk%2Ftx1vc1ZmrCv6qHFgSF7mk1YO83i2YnkTEjF63ItLuEeEq71w76h4vpqKu04Lkcw8pmC8VoMnwLcNzGfdObGsni3iakhxZTkPkw0gYwTmLDqw%2F9LSTYthe8%2F2stUlsciFD"}],"group":"cf-nel","max_age":604800}
Location
https://img.sci-hub.shop/scihub/key_1.png
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
821cb39a49f96934-FRA
alt-svc
h3=":443"; ma=86400
Expires
Mon, 06 Nov 2023 11:37:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4835842337459824
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
deb4f3813f2cc4476cd26a3056a3b4c112463b38b07e78f1ae557b008fc6a255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sci-hub.yncjkj.com/
Origin
http://sci-hub.yncjkj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52122
x-xss-protection
0
server
cafe
etag
15257280944212200641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:37:30 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BX6H58DCXE
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9114c41f21406b1ba31931d8c7807dbbb0949a203d727bfdfd72a37408031a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92997
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 10:37:30 GMT
top-back.jpg
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/top-back.jpg
  • https://img.sci-hub.shop/scihub/top-back.jpg
184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/top-back.jpg
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534177
alt-svc
h3=":443"; ma=86400
content-length
188646
last-modified
Mon, 16 Sep 2019 12:17:02 GMT
server
cloudflare
etag
"5d7f7d3e-2e0e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKzsye2fikScXlMyrPG1k2POSRvLoX9NJ%2B6s%2BZXXh2sN7LhrsCBnCX86rzdLnhgwsrLG3wJ4RyYPJ4aLac0gVBL6GQl87Lbnksu76X5W3xs93McZ36zdHMK%2BVtb7VHHK3n3R6%2F72AXiZRU8O8wls"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39bc8e59219-FRA
expires
Tue, 07 Nov 2023 02:41:13 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/top-back.jpg
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
logo_en.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/logo_en.png
  • https://img.sci-hub.shop/scihub/logo_en.png
14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/logo_en.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534867
alt-svc
h3=":443"; ma=86400
content-length
14556
last-modified
Fri, 30 Nov 2018 05:56:38 GMT
server
cloudflare
etag
"5c00d116-38dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfwJEzXlDZhvHOCBXFOPxDkxDdmYEzsCUgu5A76zIviXyQDMEpNVZec8GhyqClbeMoWmOjjxeVJDj4xZvMlulsONo4unnVmbksiOUbvSbUBcJyGYnPaU4FRq5K1iYhQpgnMYHLMmg1ednFvTKKDZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39bc8e79219-FRA
expires
Tue, 07 Nov 2023 02:29:43 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/logo_en.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
raven_1.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/raven_1.png
  • https://img.sci-hub.shop/scihub/raven_1.png
59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/raven_1.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
533917
alt-svc
h3=":443"; ma=86400
content-length
60144
last-modified
Fri, 30 Nov 2018 05:56:32 GMT
server
cloudflare
etag
"5c00d110-eaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CPUxHTHy3jgHU4c8pgp2np2QrpGk3jXDuyRzorDlQ5MohYNqMKfA%2FuU6tabMuWVgxREcamBhbrT%2BN%2FSC3lj40JBUT7lo6U9PNvsXy2JYiHx%2BACtdVjNNrHOYXohWkdYF0p%2FE8rKfLXHYp7Nx6Bt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39bc8e99219-FRA
expires
Thu, 30 Nov 2023 06:18:52 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/raven_1.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
map.jpg
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/map.jpg
  • https://img.sci-hub.shop/scihub/map.jpg
54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/map.jpg
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2535202
alt-svc
h3=":443"; ma=86400
content-length
55605
last-modified
Fri, 30 Nov 2018 05:56:52 GMT
server
cloudflare
etag
"5c00d124-d935"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHTCNX5076BP4BpwlgSBmZVgi5qy%2Fyg6Q34VSKFk8RJx5HH3gAnkoyepy%2BqO%2BtBfQvAND%2FA7NZCeVL0mfN5l859x9mo8sfpmZ7rDdAxKqT9PBKRo3Uc5KFyUrhN2PZbtgUetlRSYtFNSOj%2Fqo2Nf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39bc8ea9219-FRA
expires
Tue, 07 Nov 2023 02:24:08 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/map.jpg
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
about-marker_en.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/about-marker_en.png
  • https://img.sci-hub.shop/scihub/about-marker_en.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534867
alt-svc
h3=":443"; ma=86400
content-length
3361
last-modified
Fri, 30 Nov 2018 05:57:02 GMT
server
cloudflare
etag
"5c00d12e-d21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtWU%2BaCyXBsNjiJfgxFalkLJxSivDWvu%2FVQEiyYws0IAXlMyBk5URdsJMjVXPkCQwpHKd2MYEJNM8rN%2BrBW0%2BFXxddRLHlaamd8K5PieaW%2FH%2BozDGkWneO%2Fv9cGoPrnzCaIs9c6xF5EtbdxONg8M"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39bc8eb9219-FRA
expires
Tue, 07 Nov 2023 02:29:43 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/about-marker_en.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
quote.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/quote.png
  • https://img.sci-hub.shop/scihub/quote.png
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quote.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534867
alt-svc
h3=":443"; ma=86400
content-length
1068
last-modified
Fri, 30 Nov 2018 05:57:12 GMT
server
cloudflare
etag
"5c00d138-42c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9wqCGjqUEH6okHlU6dasoeJbTcstVlWwKTYqUDcxTJMRcu5wZHEeU6nyZQukSGaONVcFn0n1iJ1UCVAYx13VjIMiu85X5x6%2FBRh1s84Xv2dhu2EQJn4AEi3bT%2B0SZ8CvQ9XFtVTGvjD2N3egTV%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39bc8ed9219-FRA
expires
Tue, 07 Nov 2023 02:29:43 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/quote.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
quotenext_en.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/quotenext_en.png
  • https://img.sci-hub.shop/scihub/quotenext_en.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534612
alt-svc
h3=":443"; ma=86400
content-length
1087
last-modified
Fri, 30 Nov 2018 05:57:18 GMT
server
cloudflare
etag
"5c00d13e-43f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8brA3k2NNe4WijptutBPKjuAonVNWsM4Iz9xS7wm%2FSGuouvD6i5yHzNTtLVswwvSvfUzzzDBr6ahw4ztSC3JdF5IPEadaXZqLTb4wmV4EVcWe4D6%2FPbfZ9Xz7lfnnti%2FJUo%2BDCm%2FGc4jJmwSlD5E"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c0e5735ee-FRA
expires
Tue, 07 Nov 2023 02:33:58 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/quotenext_en.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
pone.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/pone.png
  • https://img.sci-hub.shop/scihub/pone.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pone.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534612
alt-svc
h3=":443"; ma=86400
content-length
1637
last-modified
Fri, 30 Nov 2018 05:57:24 GMT
server
cloudflare
etag
"5c00d144-665"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8AFDYaYtV%2BlbuGVHqsGcxXUAuT%2FviGEw6HFZTMLcXzSw4c9%2F%2BjWUsDx3R%2BG8GRVgqYIeX35pNpd7jVOnuCTEpzbTbmT94L013Ay5VT0Q1eTZFsH2Ub47NT4XtrCWTF4S%2BKlxxZkxWfyFrfIelMa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c0e5835ee-FRA
expires
Tue, 07 Nov 2023 02:33:58 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/pone.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ptwo.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/ptwo.png
  • https://img.sci-hub.shop/scihub/ptwo.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/ptwo.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
369196
alt-svc
h3=":443"; ma=86400
content-length
3907
last-modified
Fri, 30 Nov 2018 05:57:30 GMT
server
cloudflare
etag
"5c00d14a-f43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4l66klcvPyDnphQ9Gty1oeseKWr8Om4BrJ7ELgTYR27IcbOAf1lHBYtB8OAhhfbTabSWgBi1NGkhv%2BWolK6slWkAFgKYqR5PybR5yM4px2CoSqhoqrC5f%2FrrpqvX2xbQ13tfPN3DkXzbrSeeSMX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c0e5c35ee-FRA
expires
Sat, 02 Dec 2023 04:04:14 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/ptwo.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
pthree.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/pthree.png
  • https://img.sci-hub.shop/scihub/pthree.png
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pthree.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534612
alt-svc
h3=":443"; ma=86400
content-length
4278
last-modified
Fri, 30 Nov 2018 05:57:36 GMT
server
cloudflare
etag
"5c00d150-10b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21ByR7h8V07hEaIl%2B0eoCHL8mD2CjHqzFDa7ORbyAYno%2Fr%2BayP3wcPKd8PS5fpCyBygr8QXCQSlyl6gkaxaaDmytvzfF2p8OJdy%2BhieTsTn%2FdPRLfMOKNq70n0C%2BztyzpFcPvL1bc0LkzZcnA3nc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c2e9235ee-FRA
expires
Tue, 07 Nov 2023 02:33:58 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/pthree.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
people.jpg
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/people.jpg
  • https://img.sci-hub.shop/scihub/people.jpg
50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/people.jpg
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534612
alt-svc
h3=":443"; ma=86400
content-length
51212
last-modified
Fri, 30 Nov 2018 05:57:56 GMT
server
cloudflare
etag
"5c00d164-c80c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B41YoD%2FP3hwo%2Fkmf90fOsn0kYMKPLLR8y1aZ4vu9HhUb%2FHANtyIErYh9zgzg1Nb6oByqcRE62qO76r1fImJwbTgpSUU967RnBKcF7WD0M0nSAANSd97IVYYtm65uIZxX0yO%2F6RHSnU8V3lgkEpy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c4ee535ee-FRA
expires
Tue, 07 Nov 2023 02:33:58 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/people.jpg
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
join_en.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/join_en.png
  • https://img.sci-hub.shop/scihub/join_en.png
6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/join_en.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534612
alt-svc
h3=":443"; ma=86400
content-length
6197
last-modified
Fri, 30 Nov 2018 05:58:24 GMT
server
cloudflare
etag
"5c00d180-1835"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhxxBvSiyC1RU6pX8Jtt3ol6JgzQuDpbMt2iD0cpXBDxCMYruXHe55w3fy4kcUviobpfSTaX3hoC0ictgV0edEXvstEtBm%2FF0PzNXtAOsPIdcznaJLJZwKBYsF1z3cNGv0SX1cY7olMGUeHfOFYJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c4ee735ee-FRA
expires
Tue, 07 Nov 2023 02:33:58 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/join_en.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
joinvk.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/joinvk.png
  • https://img.sci-hub.shop/scihub/joinvk.png
17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinvk.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
533428
alt-svc
h3=":443"; ma=86400
content-length
17834
last-modified
Fri, 30 Nov 2018 05:58:30 GMT
server
cloudflare
etag
"5c00d186-45aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vseuB9UWzo8JDp1Qnhsbv6Dwxy%2FB1NsFsWzjd2OgDOmPqDLEEO5cLRCARx30AwBczMzKiQm3jpvYjNQWSWAYS%2B7j3kQC8SiSqX6V8iPj8SckliteXNET05GZiifvkZygDNJQs3uSBbPahyh2aXLz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c4ee935ee-FRA
expires
Thu, 30 Nov 2023 06:27:01 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/joinvk.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
jointwitter.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/jointwitter.png
  • https://img.sci-hub.shop/scihub/jointwitter.png
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/jointwitter.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
464257
alt-svc
h3=":443"; ma=86400
content-length
5751
last-modified
Fri, 30 Nov 2018 05:58:42 GMT
server
cloudflare
etag
"5c00d192-1677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOgHBuHwEf7zKALtFeHk7qmIoXmc6uxYkKdTMGTDnc5snpeRb5KsVsSJxW%2FVYrFCRKYvY%2FKybmT6gCPsNIHD7p8v80h9%2FvAVo7uF7PHOEVNPT8Vr4duRXP%2FfFK8C1AYpMwhu5uEjOscJ0SdxLuoX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c4eec35ee-FRA
expires
Fri, 01 Dec 2023 01:39:53 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/jointwitter.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
joinfacebook.png
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/joinfacebook.png
  • https://img.sci-hub.shop/scihub/joinfacebook.png
4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534612
alt-svc
h3=":443"; ma=86400
content-length
4152
last-modified
Fri, 30 Nov 2018 05:58:36 GMT
server
cloudflare
etag
"5c00d18c-1038"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLtV0ii3uRA4A3lRa8RjIcWzwY7fEOS2GL81TytXy%2F9pmvC5rtdaeF1n2IWyXD1DH2UGunQq990HPa2sfCbHtuerlt4vM3ppz9xFtRUEruEfcTWB3m%2BlsHSdeBB6lrj%2F3XIafeyJxCaDRYPG3ryF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
821cb39c4eed35ee-FRA
expires
Tue, 07 Nov 2023 02:33:58 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/joinfacebook.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/
Redirect Chain
  • http://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
  • https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
0
0
pluso-like.js
img.sci-hub.shop/scihub/
Redirect Chain
  • http://img.sci-hub.shop/scihub/pluso-like.js
  • https://img.sci-hub.shop/scihub/pluso-like.js
41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/pluso-like.js
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2534313
etag
W/"5c00bef8-a5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTt2ef6McT4nijKDiBod5mJ2ENltOp98X8WQAD7KvvfQhUOTtNybNOdYlYlpfgf4WHxx3115DX%2Bpq7xWmI5%2FPzrxl7qVMXJe%2BqNvppT6%2B3PFxjgzlFxujzVP1wTyigl%2F18X%2BS0NUk8sVJdEf37oW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
821cb39caf5d35ee-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 08 Oct 2023 14:38:57 GMT

Redirect headers

Location
https://img.sci-hub.shop/scihub/pluso-like.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4835842337459824
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b57cb671422ac3f78a8d2f9fc6fc984490426a744d2372afae09c262d3de8afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138486
x-xss-protection
0
server
cafe
etag
14457970121305409024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:37:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 8CCA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4835842337459824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sci-hub.yncjkj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:02:58 GMT
etag
251720774729838433
expires
Sun, 19 Nov 2023 17:02:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BX6H58DCXE&gtm=45je3b11v9169863011&_p=1699267050809&gcd=11l1l1l1l1&cid=482183071.1699267051&ul=en-us&sr=1600x1200&_s=1&sid=1699267051&sct=1&seg=0&dl=http%3A%2F%2Fsci-hub.yncjkj.com%2F&dt=Sci-Hub.Se%3A%20science%20hub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1576
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BX6H58DCXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://sci-hub.yncjkj.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.yncjkj.com&callback=_gfp_s_&client=ca-pub-4835842337459824
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc3a88652530dba7878c3108b92de83318da45ec1252c74ffb2be0d250ef9bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9747 		171 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&adk=1812271804&adf=3025194257&lmt=1699267051&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1699267051006&bpp=3&bdt=617&idt=231&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1899493881265&frm=20&pv=2&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=255
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01f45311fb5c138b3190f1d07f7f65f3395cdea96734ba88d1597a93cce25093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sci-hub.yncjkj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49486
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:37:31 GMT
expires
Mon, 06 Nov 2023 10:37:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 76A2 		25 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b917664bc637902852104e0bc39135fa1c6cd95822db27bc2394623d36e9a8be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sci-hub.yncjkj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10460
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:37:31 GMT
expires
Mon, 06 Nov 2023 10:37:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB68 		87 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fcfb23776d259d01503d282cbc08c41570ce3faf33ea8100c4e19cc3417e922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sci-hub.yncjkj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28069
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:37:31 GMT
expires
Mon, 06 Nov 2023 10:37:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame CB68 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 09:14:00 GMT
css
fonts.googleapis.com/ Frame CB68 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 10:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 09:27:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 10:37:34 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame CB68 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:56:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596472
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 12:56:22 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame CB68 		374 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 12:56:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596472
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132916
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 12:56:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame CB68 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
15029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:27:05 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js?bust=31079424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18103b0ef80dbe15212ceb50b7097a93b604e87a04dee2cc6fafd2c1ecafbe08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55826
x-xss-protection
0
server
cafe
etag
9918257177698668268
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:37:34 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 76AE 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNU_yWkwtN8txwuLsauLM7ap7NToc2nMZdMWWDGtQLcACmhap6opz6T73D6lh6WOxVRQVmB5rdRMHIEJbNyJE1J8zAN5BMDnlxoX1AwkE76KsxZ5cs8LwHfm9a3FJ1uAlHV7owzUfJP4fmx36cpMgue2rHBnCO-360TVGFGyMmCjm06BBjM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:37:34 GMT
expires
Mon, 06 Nov 2023 10:37:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 725C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:37:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 725C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 10:25:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 725C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
15029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:27:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 725C 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:37:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 725C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBVdiy5Qyb2PyvKFuDWqBg6WDZC0UOHjc_VzR6DDKcA_lHnO9bZwgUkc0zlDzLFuuoBegln8KhDwcl99drfy_Zlly-ch9Wm_m56OQQykEb-ZQ7ctE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 725C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2321099373240216245&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CB68 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=1~lomrqapy&c=7818028766780&slotId=3909014383390&qqid=CIyr4oeXr4IDFTyLgwcdXGUJrg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB68 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options
nosniff
age
577131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 18:18:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB68 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:07 GMT
x-content-type-options
nosniff
age
560127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 23:02:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB68 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CYFl668FIZcyJEryWjuwP3Mql8AqWjs3Fc7bnmdTkEZvNmo7mQBABILKYs44BYJWCgICgB8gBBakCGcBzK1WieD6oAwHIA5sEqgSTAk_QD2yLQxvx8S8T6-Skskd6VVp4oQiULXdZYPFKC__RkizWvZubjAuXz0iucJ0A37vVZw8qQogSarGx_zbeVYplC8cMyw6h91Q5YGI6twiyMKGEiDnVn-RR8yvXC0RSrV2_J6A2xA8Vsgc14PsmCK0oXV-UaCMVuGuTzfSLVaXjX9ETzqgZRylX2CfXUGcYbh1dOgEaE_jOFZ0AUvbykGe2x4a2aysVdaEDGpv7AlShAat9JXi-XuIqOKD22a4wnxACXi236_SnsCbPGCTzyGFfBYUlQkPMf3-VPNrNvghCb-8Jc1aQdNBH-IA2RgDsthiu-_NSxQYqihPuCk3YsPut-6sc7CY_EUqSKBYmX7kbHfyGwATS_sfQwwTgBAOIBd3c7_RMkAYBoAZ2gAeym7b9BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwMKgoKCOS0sQLutbECqg0CREWwE4vBshXIE9XB3eMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1699267054550&ai=CYFl668FIZcyJEryWjuwP3Mql8AqWjs3Fc7bnmdTkEZvNmo7mQBABILKYs44BYJWCgICgB8gBBakCGcBzK1WieD6oAwHIA5sEqgSTAk_QD2yLQxvx8S8T6-Skskd6VVp4oQiULXdZYPFKC__RkizWvZubjAuXz0iucJ0A37vVZw8qQogSarGx_zbeVYplC8cMyw6h91Q5YGI6twiyMKGEiDnVn-RR8yvXC0RSrV2_J6A2xA8Vsgc14PsmCK0oXV-UaCMVuGuTzfSLVaXjX9ETzqgZRylX2CfXUGcYbh1dOgEaE_jOFZ0AUvbykGe2x4a2aysVdaEDGpv7AlShAat9JXi-XuIqOKD22a4wnxACXi236_SnsCbPGCTzyGFfBYUlQkPMf3-VPNrNvghCb-8Jc1aQdNBH-IA2RgDsthiu-_NSxQYqihPuCk3YsPut-6sc7CY_EUqSKBYmX7kbHfyGwATS_sfQwwTgBAOIBd3c7_RMkAYBoAZ2gAeym7b9BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwMKgoKCOS0sQLutbECqg0CREWwE4vBshXIE9XB3eMD0BMA2BMKiBQC2BQB0BUB-BYBgBcB6BcF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CB68 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=2~lomrqaqf&c=7818028766780&slotId=3909014383390&qqid=CIyr4oeXr4IDFTyLgwcdXGUJrg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.2je&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame CB68 		30 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AMjxFZ_mJP3cnTgCaZNh3d0mmZdmpSQjmS1JNIidrwHXj6r_pXXHkVx9ygBWQY_XDMtViwI1j8-7rSUg1AsHqjGbc8fQ&cry=1&dbm_d=AKAmf-CStB-rV4LlopPUA09qBrMempSiXN6m-k1-AgSCLfAqbZ26LZfJNxW5amc-R7wNor7eRUDoeRdv7xfwEn7ZgFhjBNIX3PaUKFsJNuOtUQjv-iGoofVas8LTzijZKJ30AYztEUoofxt5-EEnBddX3LbaxhlKc8XXQrcql360y3g77wcuf0ILuHwrBCNa4qaKnNSWS58X6anMsDwMhe6p49trogFg2daYgKQVc0Pxw94gdLawkRza8P72Tuv_Oyzcyrcr8yokCNylfmCEVzCVjjVxhpTecgMndikr8mXrk32K1JOmywyrIlyvffBlegfNGvxFaP0BBwa9nwYTS9YpG2OyK6bNV9w-EB7_OKz2PMUMShk5-WQU5N29qlE5QjN-GgvCem52zP3FcMVu_nZK5DWbxa-PwvleLMF72cJY5Sz_nsnh5trxufqzyQc8aTX7wsgYV7tA9wjvv0Ng9qPHEZItEg0O5Flmz287sQG483fWiDfNTadWpp7zLBnuR1no6Z1mWCYbC-RIXKTxRdwvx0Ye7s8-lC6jhMZGa7rxXp5bxVUBhX5jHWpz-leYLu2ziJ4vMEwuRw8XLZiMUSUAk_vRXpj5sH5Sk7vdw6wP5UahnEZPY_p-pvDgUnw_3yYChCZUkRm5vLJfgcB18RG9mGNtMP2OS87PbArZMW0opFhKEqxgE8ioxG8UuSfwgedweji15X17CJj38rA0cIhboehvCdeCYImMwitgKEhMr_6ge_3Qz9Oo1onr6_8fF9bK-pVY7x2kZOF3UenTiXgCm5WAb39TCu35T3I3tX4k6ZkdUfmX6yP0zTojFuZyIlSSynzXxIyolixCGPyidgfZS4xINzsQIxbCJ8P3Ni2jMH9H5nyraWdv0a3DcK1exmv8u-JC_mKIXZxRJdjFu8VDd8eeHso7jLJhlbnHS4Mq7bQBOs4MEB6saH0eUjJDxQ5wBq7F6ufoZNnDBpmV-1yTdsUzvWiH3LiYw9ly7f15vqUAZGBMV2swz0Rdgt1mijbyvIajImdd2S971cKvEhoauwtbcgfKQLtStdv1tvUSZm8I1JMqr1tx_DHFG-Ns-IrFNLB0rb6er3IhZZoGhDClbq6FGYTKly5TINI2J_SLbzqCuhFGKQ84k73H-Omn-KOuJ96tbWWaeFN7a1iP3RgjvxC2Bxwpg2FoEnAdTWcT_5YJDiVTvGqWb_g0QYb7R2Xqrt0Y7-KPjNkUhqGCHTW_R5YbZAMcTH5tN8xV58dGBuf8RkY8OOsTrm8D9xYj00TP5cRDt7aLr2a_2Vc_IPNNtrpeGfY2-z2J229FAxaggBxdqw2prce50RmDRh58vcAM6kzOp4ACweledq5OdVQ7xQxnfasTrsV9WaS90XwCqQ0-lZZ1fyct2geb6HXUqCukDvsqhSw5die01UKRV1fnnEHoW1vqnbV5zwa7drodE0YbDI8GVcIOQhdJeDWSNok60l4EPoncEXW5dgqclf1PZfAkKmX-gTOMEw2uIxzEHz3NIZIcPMW9Dt0TazPBxwTtNIcMEsPron8YalnZ1l4TADnCIP1a71KOVXIM7lfen5OZ99YF2Fo4oK_jkxOJQBPwPBzTD_xW_5YmvX_OtgQhRLaxiMu2TwfnYw4ZleiMeCOa-MUfQ05RbMHp3fbavIsYA_cnbx7OGFdhCdGgKVH2jHTBJ8Tyqbzt5OSfl7yi-OHm8-d7052ko7Rp6NeolsQ5qEyHGWKp8WXyaiQ0ZiVnUzLe9V1_75S0xtnuuge48MbIhk7NJbqHIVwRuAAONd6-ghHZo32xrOvUOirCqUTh7de4WovaUtltBleNgzOKLoGRSnTlWrHn_yhfUEGLChbSiDkFQGk42Gzagk-yRZeNYkKeii6rBSsyf8MZJczcLf4q0OE8OKA802Q6_Nx-EvpQqn7-EpU0CTPxAY1lprOvZXqf150XvNIX8TpUhvUztGWQWIBI2x990LvMpicjUi86VVySppiUY9xNrTEJZ7_nv3cAgzDH2-lsGt7_wtkouVhoFEmcLDM_6A1PsLrRrsxivA7mnrlCuoizvHUxt2g6KTBszGUx9oBlVtFT79dH95Ms_rQJTg5QNaGm36tYGfmXRfJdyoGN6m3aBcTPqm4YLpBiIc6NuXUlKLOeXQhAevQC79lEe901dD7xI8TchN5juKI9luZ4OHx-SZP3yFy2zRmO7zmcwsV_s5Ui3huN7DJKM_iWyUHRUBO7VQFGQ3GvLkuDeOyURxbxDfk5YOfShJrVEvDtlSL07Tcor5UCdBJEQavvZPhR3aZMOkIznGKgzx_L87uBfN7p714wvcjszaKlQQNk8OLVVjmtY5X9FTDcs34TlT1OrpLJ73vpSx-jIQMukG4-hTraqlvOqdPsFZ2Y9aKsFTIo9hPU5hjgFoW_uYl9Ek2fhwTxC05JXeV8BEL6ENUA6dnxcxR6oXxyKTqxqolHtdOtv0mF5Mghc6qSaHcQSDYu_koJgTVZYhTlisrVjDcYOS5Hz5fue_iwkzjgOIC8yQ2TuCxpaoYPd76ewtEWJzHO0DHrvjqX_ajnIGrsvg0AP8nN5wfjE3tchSVIOXFBgAGAxb4_T1u9xje2zr-fYXlQGr_h_ly20iOJlbbv7xFpsWHEKBlQaG_NsJxIKF7dK_mSAO3WZcywopSRaPyyvQOj4ChHMUoXEXI6LZMfZS7frf_4bjoNXs3IAOKZL8ZVMH1izB-p0XiY7524x5gZP-phX06qfgmukUFPICsMsV8adDQht4Wtt3rzJasJ4qkVIfhVXNPpxexIgreD01yqN1gPBLm_sMfrJqFDvPmLx3snioDZfH8idHexGB-7S_i4vpOVF5BRRF5FnOS-rP6FwdG3vLEoGd5nPdRycMnDbFSXScTIV6oBeEuvTCnF7zQArxfD62YPy2npz_dxGMOnB4rCBPcy052dam_8D6IBthhlgnpebblmH-XKJmJFrUhDusG0DZ4C09eiIwYyBPhY6dGBygaD-ofwP0A_ti0nCrZa44G5FTMaOZo3kkPupmBhZEvycthHqbfCwrJO5mlY_sRQlIelaLyIs9IgsEb148AT7ZaW1v7szA6wCGVw5NNyx8wle6L9W3b0A9dk7zeZ8Ex9s19k7-CQTjROQME0eSM0lhZjh-eOByOaJ1AjImj1AKaoYOW1ORrj9XihWyrxZBzCsyfU4UQwHO-b5bQNcKXocmhJCZVRtemKFdNunZRhHqw0xTJkDJXpu2VUL2D-7_-b4mydm_8Rz3KupyvcgfRYSFbJyTfivkLjDl7s9ubQVxNBv5wru4x2sOcoKrSoarT4ePozkiU_GMPgLyz9d2-kTkpEgoY1zcYrm2jkihHH7Pg_5FSs9MEgVoaUFQchl8ZHqmjDWz9ClGr7QIxHixFbJPsdSaAi_obYsDlsyU-Hp9noxhVUHh8K37-QlNy5cvrsOzN0GljWmQmHoDDpOVYZNUo5UJYzgPbDDKCyiV7Dsn88avU1g3v1MKEC_ss9MC223BzhzgqiBfYEgTWHBrK0ZNEZek5UuI-ECekE9MAyyPVQs31r-h36JD3SxdkLzmMR8O5zWSadzNCdGk5oS__c3mQewHVKfdIwuoG0koaevoRROj9AsrxHIyKXx56BRBWCsjtF3484H_aoM1yiHG2eAY0WLco_-J2VrUz_sxhFuy_SDqo782n2VUKBGmKjTRCYQu5XpKxLRzauvyXJm8ZRt8OEQ-ITsYsXSJfv_gYSg7QTU6rkYYcY3jdWlecbpEtlKfDbYgKTNg0pSGQnIRkGVDoa65UB4EZE5Jz17XDi_arnTVnUpRNJq2jgHIB3EzY&cid=CAQSSwDICaaN4bcBObqpH-VhKILRl1BqeUgcR3hzL_C9T4Hq5Vof6sAax5YS1ug2_0u7MghUc0HyR9m6Mhdzxzoj8fzeG3GQV1Eu39jPVRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.156 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
99ca192a6f3a598aee43242f3f826d3364f7af4472a5d1c202a50ed722d331ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17163
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 76AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
43 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNU_yWkwtN8txwuLsauLM7ap7NToc2nMZdMWWDGtQLcACmhap6opz6T73D6lh6WOxVRQVmB5rdRMHIEJbNyJE1J8zAN5BMDnlxoX1AwkE76KsxZ5cs8LwHfm9a3FJ1uAlHV7owzUfJP4fmx36cpMgue2rHBnCO-360TVGFGyMmCjm06BBjM
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FU%2BCPnT0Xf1j%2FLpRg9vRbXIeQOjCYcNvZ3TvEFBwLYR65voG%2FVjcRJfYtNsQUbWvSr0qvSITJsHjTTulg0cArZLEam9JPHqZz29MeyunuU0gK1QJN3MaAkN6O6Lu03hyNvjC8jKoQB3bRBNOA9UJwqrjiVb0NA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821cb3b43e0b3801-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 76AE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUjB7tsxEZSSC0Y2tT8qngAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
43 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNU_yWkwtN8txwuLsauLM7ap7NToc2nMZdMWWDGtQLcACmhap6opz6T73D6lh6WOxVRQVmB5rdRMHIEJbNyJE1J8zAN5BMDnlxoX1AwkE76KsxZ5cs8LwHfm9a3FJ1uAlHV7owzUfJP4fmx36cpMgue2rHBnCO-360TVGFGyMmCjm06BBjM
Protocol
H3
Server
2606:4700:4400::6812:249b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSim8PYsIxEQGuoX0uTh23lvuFoAZKROpWE%2BBZMNcqdkICJVg1o3uYoWh%2FJolCPNO5qAZ0qF%2Bj7QL3OPNezz3%2BDEVrJEaPP7%2FEBu8Y%2F1z8REnS62BjM9nkIbp8NDYNMamaHXEgSxKTVT2CsLzze1ajPmLKEVjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
821cb3b46e593801-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM5U9b3doT9bzHSSondOAQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 76AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHL474EkiHmgm1nNa4mymF8&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHL474EkiHmgm1nNa4mymF8%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHL474EkiHmgm1nNa4mymF8%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNU_yWkwtN8txwuLsauLM7ap7NToc2nMZdMWWDGtQLcACmhap6opz6T73D6lh6WOxVRQVmB5rdRMHIEJbNyJE1J8zAN5BMDnlxoX1AwkE76KsxZ5cs8LwHfm9a3FJ1uAlHV7owzUfJP4fmx36cpMgue2rHBnCO-360TVGFGyMmCjm06BBjM
Protocol
H2
Server
37.252.171.53 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
an-x-request-uuid
ec43a70a-74ba-41d8-958b-470d71f06890
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.27; 217.114.218.27; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
an-x-request-uuid
0a614ae9-c707-4dbb-8b50-89a782640d0f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHL474EkiHmgm1nNa4mymF8%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.27; 217.114.218.27; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 76AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwODY1MjQwOTU3MTc3OTYxNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwODY1MjQwOTU3MTc3OTYxNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNU_yWkwtN8txwuLsauLM7ap7NToc2nMZdMWWDGtQLcACmhap6opz6T73D6lh6WOxVRQVmB5rdRMHIEJbNyJE1J8zAN5BMDnlxoX1AwkE76KsxZ5cs8LwHfm9a3FJ1uAlHV7owzUfJP4fmx36cpMgue2rHBnCO-360TVGFGyMmCjm06BBjM
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
an-x-request-uuid
0f41be03-d31d-47ea-aa32-5aed0d67a186
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAwODY1MjQwOTU3MTc3OTYxNw%3D%3D
x-proxy-origin
217.114.218.27; 217.114.218.27; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 1565 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sci-hub.yncjkj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:36:03 GMT
etag
251720774729838433
expires
Mon, 20 Nov 2023 08:36:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CB68 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
779a12ead2f8af28115c75209ae5f3efe5d7a48a819c36a82e1c77618d4ab959

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 725C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3510685421400&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 725C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3510685421400&version=m202309260101&ct=76&x=1&cor=2321099373240216000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 725C 		109 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVPOic0Y4AEJ3GJQPBVE00xRTzSWsl9yzbvMfor0qursyQG-pN-AAJBcDC_gDQfdBbHMR3N74OflcSialNH0-pdWbI06URWWO-AmNJaCAhRDYZpz2KN5bStLDbL6yIyFO-_LayJq-Yi90F5zz1Y6cT6kdntCqu_7kJbWM90tHkHrp5Oaw&dbm_d=AKAmf-BXKxjId72Cd0eMknpswzhVLDoIpeZa7UmzWDhgrIB_-G4I3S5PP3XkFMCiqx7RZyYdr55nqI38lYZtwNmv06HxRjPcFB92W7jDcwJtgQDJtCYwaYMLOS7k87i0dI7RxEdXpOsJG8fvf51HoPQWCWKrfS4dmCDVH8XElU-JPRZJBdOby-i1x6IxkYul9oCa7e_yJLXB1EPTVHBq1qXB_7jhgeuhyVycAaDFwElgN2fsfEeV-VtJpEHQliP1lCgOAKORbbF9wDaex0MxJotlHtGkhRyqFnJKBU3-8gVd34f5Sk0ChbKGZIYu9cfAiP7bJ4DWgoFRx757dYo9G-l2akmmxpKKYYh9KBVTrmyzsqXfQzSpLvzszVcRuLx68YbpwFhkdaEmzy_7wCfhu42CPPCf72BSuqPZJLkRxB7dhB0SYdevAqihE_idGd9VL_3pyGENP7UbmzGhGvmZsUIXFzS2F5eBW41a-jy22CZLkw2uJIpcbwqKbG6KuOx17iWr40LTOZZ0u-YNQ2-Q5Q4jfwUkj6UbQUTGNZAxMGCMEi1OlgpOl3BukudAKUChBO8x4rAvMwBD198e74oPDOTC5umL9mQsx7PhbUUMJtxlxgJDbUC1TeJ-DOUSWpv4IgJAGCplnqDAQvBWiLzMUSo8VyBLOBhCUsKtkmKTa4eUmVXEMr-bTCq5tcMdj5aN4adXK__TB3UZBA9FpZD6ZMpoRKwXvl8iPZzjnW7Hdpxxrhrcq7MqwcKa8Dde-zGFD1BCUy0-gjmL_rxiVOa2bWes05osLh__AD2hH4BmO6OzP_mosfn-A_B0rwt6tBFQOS_fO9GfyyOk9VGjFD89I9F6EkV8PWtw4IjTc0BRr02BhvN9T4bsf7LBBTp3rGOM0DhqPahKdSnOOx0Pf8aC2mze7J66mhUHxtTv4bHr3z4JqG9x6_h725axwB9Z33xpRqIz-kh1lIfwDGLa-iAdVsdocvXuZ4I4ZYdLHKgwS0d8A7q-dPBTS7o7Mnc6vukw2p3BrU2mt2kerfc6Q3ha7dp1jnXxKS7fDkT3xl2LzSA37JoVYuXgSYaEHzQDy32kPOQ0uo180JHgIrC5SLEVtg0uLUHhGFWXWyk6ReTDmXoYqCDql2ZbGQPomrdB6t1E2TUKpkaUqq4M8KBqDkHEUaqG47H8HehvKyDmjHdhWhGwluErgeALle8e4-B9MycSUZOcD8RNsHQLfH9aatjo05gcAT5VnfvKEnFVGxlMCgamtfxhhGDcm52pa9nNMAEE6fIfZ-HdOlHzD0sTHEtTgimpnSITl6lT0wrzZFAs3S0RuEN9A9ziu_2wCdVgkrl3v8Xgey0nKW3LsfUxN_8ub09cmp5IqGqmx0XhER_Eb4t4r4OuiZ7ZzYTZIB_vkninbh_CghX3J58ZmaH5kJVrNLoizs2HLVV4zTZrJxUHytQ6slA41b_HNvyiSiFmHXhFQ9ppdsc1BBj785dL2siXo1hl2bSoRd-Lw-A-8BnZAfmO9FHWRimkPjA-3bcWoCj0SSWraXOR15Dq2PkGvl9inCy7JHbusKrHXLvBWfxsphkwmwlQCW-qbBcGf4hu7oSCjAujSGVujcZYZDOd6r7qtLZUyEyHM1UE_9vAoH6KSjYfu0epJYqZn6Ms2Mf2FngnLKVIxZaJxkgD_-XGg3dIP5p_AlBqDURLFZAlRwY5iES1HFKNMDNxOjhXcBxKrQ0he49nHdRvk1_gGKzl9C9G-jHZLrT30VSmJy9Va7sTJinqa8jDEkELzPyrLIqGlOw1-fABHN1u_HdHKC-dC-2q9E-O-CgDQYQAt9ZXsLOBHYBu0QGp9liKoS8Xnc_PbZNGH-MxM8JqNK0zaIpyQ7i-nGbZexISRLIargOBEPng_hPccqiA6m_c131qCYxBQ5O5IHskKfh8MrP0wkmW1C4eriI5ghEPRLkRaN4AhhRXlry7k22lZzE-tuysmjE3ORcbUSIYWwGgDA0ckpYn-ZXktVbf1fAUvm8Ja5eMSyF2SdPQlTJJDEWNakGmRNBTyUMZZQPoOB4AkzkAR1wASeAGzykplize3f-eCysOy_xCS1lWAsrHSfVPy06BeWW0wV8Uu1Qo23lXQ21HtqOqHjz6WApRGF3fEPpQRgyegwv6JX6BdnE4zIPvQIcO7f-Ire_doKPkjHz1T5mDSkZoZIklO5XmuWFfO09ikOcUQErlXjSpHSTCiaqbe5WGmH80La-XJB1vF7ocxdDvhqogv7dRi_km8Nm6_UkCOc5fr5QlRVKdIS0r024sUWYiONqoi5o-_zsuJxDxrSgDf1ifYM-tUjIoRXbm7p532AxzAKJB2XK7X1YZlNolFoGSh0cRnRQrR4ifdAlRtul13otn6gS_8SKkC0Z_PlmbtO96XlGdyfDoBjw5JEFjQfn99aqjdTUM1mu61yN-Kdgw6qvXO5Gc3b0k6r9KiVMcW5aNUunMc0slvVY1hH7n30hK-5Lc6JVNy_Sufo8eBk_FBeIatZx20lnuJU7uobVmAHyc3KZNLX7S0pOP8Dh4SPBNoAXPoEbYvgnbNmTk95cCskvPgpR4NucyOQdPqxNZ5JfrvinyylxfzNv-pwo5amgD7-T5YkrHDwUn2_kUVr35yHUUivdLxz26WFqJl5tMkxp6Kbq9-EZit_KF8HP54e_o5WLsp8w-7DFnG25LS28X-CTOO5soc_t1y6P_aPH4exyUCpK65PjTDKM05ZLPsNbXg4AtEgvyrDV_BYDiQBMfITTyFzp-SycMdpif38PPtovgZPWV3OatrAHko1YXd0mmqhf3GMqVLDdbMdl4jjGsu3KERxQT-ifBeEPoiJ7xGrZzLNt3Gr8aFGwVQMD83n10CEMCf1v3q-1x2L0WHr_dRY89jymv3oAnPayI62gMQD-Lt8s_42i19lq466XVFR9sUigent08XiLiOzj9RIujREI8M4FGS3z56PWjrQbZKgpTU8cHe7cZPZGbQVK9jZOYog-5RZet9cFNyvkvFXoC4ZdDiDr4BJyzjkKMhs9Bcsz1DRRjSphFJV4481LsatEZRo7y5AouBOKLljPLZ0e0sfXrTO8dZ7MuLEkUALRFeAPd6vAn1BENknZr_eTkzYAXT-BSQ0NckvE-rsBj6_qt5Px66fFgpn4kgaB4fQxbkmRTPEh_wocLje5ycctdLMuisLmyxBGOtG-TDVBNf7Cq0Q635AynmTiCjhQZKDpZzdAqkBwVVesbvW9hLkcuRIwq7sqVkPj6zAA1IyG9jgmtL6AAjLBC2Id16JIPBSHLrp83LHw_QPk6oh9eP5eXuIXfV810iL-POMJpwSXYcbv08W_75CXcTBpnT45EcOuTvw_ebrx76KSXjEZaQU0r5GOikhfUC0IGpUPd8XIoEQcdvzXvxuIZt4T067JuWUV3l01QMrKOUNseWlFeWqygI8V0Cy-gxyA_X9RMCcGpmo2y1QBGDroJzA0rszglm7QPMInJpBEzsAQZyJ5IT3bZEC8&cid=CAQSSwDICaaND4O9bA-PZKC3L0FPhKA3E-9smjg0WYlWDrMgzhGD7CTMKkYegYatMcewefkAtIZDNt4oBQ5XFL9BgikP1Fx2b7QsxHsUVxgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsci-hub.yncjkj.com%2F&ds=l&xdt=1&iif=1&cor=2321099373240216000&adk=2124396030&idt=99&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
711197aa07a54668e7fff7a39374839e45ab8280853e0d39bf57165aa0a0dfe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41804
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8a6c58a25e971cfbc194f00dd2aa8ad4.js
www.gstatic.com/mysidia/ Frame 1565 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3907
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 14:31:25 GMT
281c723aa683930efadfba50222cf93a.js
www.gstatic.com/mysidia/ Frame 1565 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/281c723aa683930efadfba50222cf93a.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 03:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4593
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 03:31:21 GMT
a428f40417fb0994dce6f6f7792d3a9a.js
www.gstatic.com/mysidia/ Frame 1565 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a428f40417fb0994dce6f6f7792d3a9a.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f2776a54f648611b3ceec51b10a0aa2da009ab39677c95d27981d9bb5f3a4656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 04:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8270
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 04:33:19 GMT
css
fonts.googleapis.com/ Frame 1565 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 10:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 09:18:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 10:37:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1565 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
15088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:26:06 GMT
55c07926d0961c7899d23978ffa28542.js
www.gstatic.com/mysidia/ Frame 1565 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/55c07926d0961c7899d23978ffa28542.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 02:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2242
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 02:47:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 1565 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5014
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 09:14:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1565 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 10:25:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1565 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
15029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:27:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1565 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 10:37:34 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame 1565 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 04 Feb 2024 06:26:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CB68 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClBzG68FIZcyJEryWjuwP3Mql8AqWjs3Fc7bnmdTkEZvNmo7mQBABILKYs44BYJWCgICgB8gBBakCGcBzK1WieD6oAwGqBJACT9APbItDG_HxLxPr5KSyR3pVWnihCJQtd1lg8UoL_9GSLNa9m5uMC5fPSK5wnQDfu9VnDypCiBJqsbH_Nt5VimULxwzLDqH3VDlgYjq3CLIwoYSIOdWf5FHzK9cLRFKtXb8noDbEDxWyBzXg-yYIrShdX5RoIxW4a5PN9ItVpeNf0RPOqBlHKVfYJ9dQZxhuHV06ARoT-M4VnQBS9vKQZ7bHhrZrKxV1oQMam_sCVKEBq30leL5e4io4oPbZrjCfEAJeLbfr9KewJs8YJPPIYQcEH9DR0YrtmVCg9x4ie9zcoJfAeRLBpcZljBJMo-afAHRfXidEkYWkPfaw8nP_ZTwOhjD0ws-VZ0FBwL0f4Z7ABNL-x9DDBOAEA4gF3dzv9EySBQYIGxADGAOSBQ0IIhABGAFI7uCRAlABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeym7b9BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEIetHxj658T6AdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAwqCgoI5LSxAu61sQKwE4vBshXIE9XB3eMD0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTQ4MzU4NDIzMzc0NTk4MjQYAOgXBQ&sigh=4K5cyf-Bakk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN4bcBObqpH-VhKILRl1BqeUgcR3hzL_C9T4Hq5Vof6sAax5YS1ug2_0u7MghUc0HyR9m6Mhdzxzoj8fzeG3GQV1Eu39jPVRgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=280&slotname=8102394958&adk=3466494313&adf=2987723014&pi=t.ma~as.8102394958&w=528&fwrn=4&fwrnh=100&lmt=1699267051&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1699267051010&bpp=2&bdt=621&idt=261&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vFLxQ7qyfM&p=http%3A//sci-hub.yncjkj.com&dtd=263
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Nov 2023 10:37:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523880/ Frame 725C 		252 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523880/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-4835842337459824&ias_chanId=1&ias_placementId=20492286635&bidurl=http://sci-hub.yncjkj.com/&ias_dealId=&xsId=ABAjH0gvwvZOHoehgsFDeWBOs0vh&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gvwvZOHoehgsFDeWBOs0vh
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.140.215 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60c9901153241fd4cf4a5489675d5e6b7be0da97103f10e0cb7fb0906983ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 725C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 02:22:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Nov 2023 02:22:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 725C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVPOic0Y4AEJ3GJQPBVE00xRTzSWsl9yzbvMfor0qursyQG-pN-AAJBcDC_gDQfdBbHMR3N74OflcSialNH0-pdWbI06URWWO-AmNJaCAhRDYZpz2KN5bStLDbL6yIyFO-_LayJq-Yi90F5zz1Y6cT6kdntCqu_7kJbWM90tHkHrp5Oaw&dbm_d=AKAmf-BXKxjId72Cd0eMknpswzhVLDoIpeZa7UmzWDhgrIB_-G4I3S5PP3XkFMCiqx7RZyYdr55nqI38lYZtwNmv06HxRjPcFB92W7jDcwJtgQDJtCYwaYMLOS7k87i0dI7RxEdXpOsJG8fvf51HoPQWCWKrfS4dmCDVH8XElU-JPRZJBdOby-i1x6IxkYul9oCa7e_yJLXB1EPTVHBq1qXB_7jhgeuhyVycAaDFwElgN2fsfEeV-VtJpEHQliP1lCgOAKORbbF9wDaex0MxJotlHtGkhRyqFnJKBU3-8gVd34f5Sk0ChbKGZIYu9cfAiP7bJ4DWgoFRx757dYo9G-l2akmmxpKKYYh9KBVTrmyzsqXfQzSpLvzszVcRuLx68YbpwFhkdaEmzy_7wCfhu42CPPCf72BSuqPZJLkRxB7dhB0SYdevAqihE_idGd9VL_3pyGENP7UbmzGhGvmZsUIXFzS2F5eBW41a-jy22CZLkw2uJIpcbwqKbG6KuOx17iWr40LTOZZ0u-YNQ2-Q5Q4jfwUkj6UbQUTGNZAxMGCMEi1OlgpOl3BukudAKUChBO8x4rAvMwBD198e74oPDOTC5umL9mQsx7PhbUUMJtxlxgJDbUC1TeJ-DOUSWpv4IgJAGCplnqDAQvBWiLzMUSo8VyBLOBhCUsKtkmKTa4eUmVXEMr-bTCq5tcMdj5aN4adXK__TB3UZBA9FpZD6ZMpoRKwXvl8iPZzjnW7Hdpxxrhrcq7MqwcKa8Dde-zGFD1BCUy0-gjmL_rxiVOa2bWes05osLh__AD2hH4BmO6OzP_mosfn-A_B0rwt6tBFQOS_fO9GfyyOk9VGjFD89I9F6EkV8PWtw4IjTc0BRr02BhvN9T4bsf7LBBTp3rGOM0DhqPahKdSnOOx0Pf8aC2mze7J66mhUHxtTv4bHr3z4JqG9x6_h725axwB9Z33xpRqIz-kh1lIfwDGLa-iAdVsdocvXuZ4I4ZYdLHKgwS0d8A7q-dPBTS7o7Mnc6vukw2p3BrU2mt2kerfc6Q3ha7dp1jnXxKS7fDkT3xl2LzSA37JoVYuXgSYaEHzQDy32kPOQ0uo180JHgIrC5SLEVtg0uLUHhGFWXWyk6ReTDmXoYqCDql2ZbGQPomrdB6t1E2TUKpkaUqq4M8KBqDkHEUaqG47H8HehvKyDmjHdhWhGwluErgeALle8e4-B9MycSUZOcD8RNsHQLfH9aatjo05gcAT5VnfvKEnFVGxlMCgamtfxhhGDcm52pa9nNMAEE6fIfZ-HdOlHzD0sTHEtTgimpnSITl6lT0wrzZFAs3S0RuEN9A9ziu_2wCdVgkrl3v8Xgey0nKW3LsfUxN_8ub09cmp5IqGqmx0XhER_Eb4t4r4OuiZ7ZzYTZIB_vkninbh_CghX3J58ZmaH5kJVrNLoizs2HLVV4zTZrJxUHytQ6slA41b_HNvyiSiFmHXhFQ9ppdsc1BBj785dL2siXo1hl2bSoRd-Lw-A-8BnZAfmO9FHWRimkPjA-3bcWoCj0SSWraXOR15Dq2PkGvl9inCy7JHbusKrHXLvBWfxsphkwmwlQCW-qbBcGf4hu7oSCjAujSGVujcZYZDOd6r7qtLZUyEyHM1UE_9vAoH6KSjYfu0epJYqZn6Ms2Mf2FngnLKVIxZaJxkgD_-XGg3dIP5p_AlBqDURLFZAlRwY5iES1HFKNMDNxOjhXcBxKrQ0he49nHdRvk1_gGKzl9C9G-jHZLrT30VSmJy9Va7sTJinqa8jDEkELzPyrLIqGlOw1-fABHN1u_HdHKC-dC-2q9E-O-CgDQYQAt9ZXsLOBHYBu0QGp9liKoS8Xnc_PbZNGH-MxM8JqNK0zaIpyQ7i-nGbZexISRLIargOBEPng_hPccqiA6m_c131qCYxBQ5O5IHskKfh8MrP0wkmW1C4eriI5ghEPRLkRaN4AhhRXlry7k22lZzE-tuysmjE3ORcbUSIYWwGgDA0ckpYn-ZXktVbf1fAUvm8Ja5eMSyF2SdPQlTJJDEWNakGmRNBTyUMZZQPoOB4AkzkAR1wASeAGzykplize3f-eCysOy_xCS1lWAsrHSfVPy06BeWW0wV8Uu1Qo23lXQ21HtqOqHjz6WApRGF3fEPpQRgyegwv6JX6BdnE4zIPvQIcO7f-Ire_doKPkjHz1T5mDSkZoZIklO5XmuWFfO09ikOcUQErlXjSpHSTCiaqbe5WGmH80La-XJB1vF7ocxdDvhqogv7dRi_km8Nm6_UkCOc5fr5QlRVKdIS0r024sUWYiONqoi5o-_zsuJxDxrSgDf1ifYM-tUjIoRXbm7p532AxzAKJB2XK7X1YZlNolFoGSh0cRnRQrR4ifdAlRtul13otn6gS_8SKkC0Z_PlmbtO96XlGdyfDoBjw5JEFjQfn99aqjdTUM1mu61yN-Kdgw6qvXO5Gc3b0k6r9KiVMcW5aNUunMc0slvVY1hH7n30hK-5Lc6JVNy_Sufo8eBk_FBeIatZx20lnuJU7uobVmAHyc3KZNLX7S0pOP8Dh4SPBNoAXPoEbYvgnbNmTk95cCskvPgpR4NucyOQdPqxNZ5JfrvinyylxfzNv-pwo5amgD7-T5YkrHDwUn2_kUVr35yHUUivdLxz26WFqJl5tMkxp6Kbq9-EZit_KF8HP54e_o5WLsp8w-7DFnG25LS28X-CTOO5soc_t1y6P_aPH4exyUCpK65PjTDKM05ZLPsNbXg4AtEgvyrDV_BYDiQBMfITTyFzp-SycMdpif38PPtovgZPWV3OatrAHko1YXd0mmqhf3GMqVLDdbMdl4jjGsu3KERxQT-ifBeEPoiJ7xGrZzLNt3Gr8aFGwVQMD83n10CEMCf1v3q-1x2L0WHr_dRY89jymv3oAnPayI62gMQD-Lt8s_42i19lq466XVFR9sUigent08XiLiOzj9RIujREI8M4FGS3z56PWjrQbZKgpTU8cHe7cZPZGbQVK9jZOYog-5RZet9cFNyvkvFXoC4ZdDiDr4BJyzjkKMhs9Bcsz1DRRjSphFJV4481LsatEZRo7y5AouBOKLljPLZ0e0sfXrTO8dZ7MuLEkUALRFeAPd6vAn1BENknZr_eTkzYAXT-BSQ0NckvE-rsBj6_qt5Px66fFgpn4kgaB4fQxbkmRTPEh_wocLje5ycctdLMuisLmyxBGOtG-TDVBNf7Cq0Q635AynmTiCjhQZKDpZzdAqkBwVVesbvW9hLkcuRIwq7sqVkPj6zAA1IyG9jgmtL6AAjLBC2Id16JIPBSHLrp83LHw_QPk6oh9eP5eXuIXfV810iL-POMJpwSXYcbv08W_75CXcTBpnT45EcOuTvw_ebrx76KSXjEZaQU0r5GOikhfUC0IGpUPd8XIoEQcdvzXvxuIZt4T067JuWUV3l01QMrKOUNseWlFeWqygI8V0Cy-gxyA_X9RMCcGpmo2y1QBGDroJzA0rszglm7QPMInJpBEzsAQZyJ5IT3bZEC8&cid=CAQSSwDICaaND4O9bA-PZKC3L0FPhKA3E-9smjg0WYlWDrMgzhGD7CTMKkYegYatMcewefkAtIZDNt4oBQ5XFL9BgikP1Fx2b7QsxHsUVxgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsci-hub.yncjkj.com%2F&ds=l&xdt=1&iif=1&cor=2321099373240216000&adk=2124396030&idt=99&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 19:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
54793
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 19:24:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 725C 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AVPOic0Y4AEJ3GJQPBVE00xRTzSWsl9yzbvMfor0qursyQG-pN-AAJBcDC_gDQfdBbHMR3N74OflcSialNH0-pdWbI06URWWO-AmNJaCAhRDYZpz2KN5bStLDbL6yIyFO-_LayJq-Yi90F5zz1Y6cT6kdntCqu_7kJbWM90tHkHrp5Oaw&dbm_d=AKAmf-BXKxjId72Cd0eMknpswzhVLDoIpeZa7UmzWDhgrIB_-G4I3S5PP3XkFMCiqx7RZyYdr55nqI38lYZtwNmv06HxRjPcFB92W7jDcwJtgQDJtCYwaYMLOS7k87i0dI7RxEdXpOsJG8fvf51HoPQWCWKrfS4dmCDVH8XElU-JPRZJBdOby-i1x6IxkYul9oCa7e_yJLXB1EPTVHBq1qXB_7jhgeuhyVycAaDFwElgN2fsfEeV-VtJpEHQliP1lCgOAKORbbF9wDaex0MxJotlHtGkhRyqFnJKBU3-8gVd34f5Sk0ChbKGZIYu9cfAiP7bJ4DWgoFRx757dYo9G-l2akmmxpKKYYh9KBVTrmyzsqXfQzSpLvzszVcRuLx68YbpwFhkdaEmzy_7wCfhu42CPPCf72BSuqPZJLkRxB7dhB0SYdevAqihE_idGd9VL_3pyGENP7UbmzGhGvmZsUIXFzS2F5eBW41a-jy22CZLkw2uJIpcbwqKbG6KuOx17iWr40LTOZZ0u-YNQ2-Q5Q4jfwUkj6UbQUTGNZAxMGCMEi1OlgpOl3BukudAKUChBO8x4rAvMwBD198e74oPDOTC5umL9mQsx7PhbUUMJtxlxgJDbUC1TeJ-DOUSWpv4IgJAGCplnqDAQvBWiLzMUSo8VyBLOBhCUsKtkmKTa4eUmVXEMr-bTCq5tcMdj5aN4adXK__TB3UZBA9FpZD6ZMpoRKwXvl8iPZzjnW7Hdpxxrhrcq7MqwcKa8Dde-zGFD1BCUy0-gjmL_rxiVOa2bWes05osLh__AD2hH4BmO6OzP_mosfn-A_B0rwt6tBFQOS_fO9GfyyOk9VGjFD89I9F6EkV8PWtw4IjTc0BRr02BhvN9T4bsf7LBBTp3rGOM0DhqPahKdSnOOx0Pf8aC2mze7J66mhUHxtTv4bHr3z4JqG9x6_h725axwB9Z33xpRqIz-kh1lIfwDGLa-iAdVsdocvXuZ4I4ZYdLHKgwS0d8A7q-dPBTS7o7Mnc6vukw2p3BrU2mt2kerfc6Q3ha7dp1jnXxKS7fDkT3xl2LzSA37JoVYuXgSYaEHzQDy32kPOQ0uo180JHgIrC5SLEVtg0uLUHhGFWXWyk6ReTDmXoYqCDql2ZbGQPomrdB6t1E2TUKpkaUqq4M8KBqDkHEUaqG47H8HehvKyDmjHdhWhGwluErgeALle8e4-B9MycSUZOcD8RNsHQLfH9aatjo05gcAT5VnfvKEnFVGxlMCgamtfxhhGDcm52pa9nNMAEE6fIfZ-HdOlHzD0sTHEtTgimpnSITl6lT0wrzZFAs3S0RuEN9A9ziu_2wCdVgkrl3v8Xgey0nKW3LsfUxN_8ub09cmp5IqGqmx0XhER_Eb4t4r4OuiZ7ZzYTZIB_vkninbh_CghX3J58ZmaH5kJVrNLoizs2HLVV4zTZrJxUHytQ6slA41b_HNvyiSiFmHXhFQ9ppdsc1BBj785dL2siXo1hl2bSoRd-Lw-A-8BnZAfmO9FHWRimkPjA-3bcWoCj0SSWraXOR15Dq2PkGvl9inCy7JHbusKrHXLvBWfxsphkwmwlQCW-qbBcGf4hu7oSCjAujSGVujcZYZDOd6r7qtLZUyEyHM1UE_9vAoH6KSjYfu0epJYqZn6Ms2Mf2FngnLKVIxZaJxkgD_-XGg3dIP5p_AlBqDURLFZAlRwY5iES1HFKNMDNxOjhXcBxKrQ0he49nHdRvk1_gGKzl9C9G-jHZLrT30VSmJy9Va7sTJinqa8jDEkELzPyrLIqGlOw1-fABHN1u_HdHKC-dC-2q9E-O-CgDQYQAt9ZXsLOBHYBu0QGp9liKoS8Xnc_PbZNGH-MxM8JqNK0zaIpyQ7i-nGbZexISRLIargOBEPng_hPccqiA6m_c131qCYxBQ5O5IHskKfh8MrP0wkmW1C4eriI5ghEPRLkRaN4AhhRXlry7k22lZzE-tuysmjE3ORcbUSIYWwGgDA0ckpYn-ZXktVbf1fAUvm8Ja5eMSyF2SdPQlTJJDEWNakGmRNBTyUMZZQPoOB4AkzkAR1wASeAGzykplize3f-eCysOy_xCS1lWAsrHSfVPy06BeWW0wV8Uu1Qo23lXQ21HtqOqHjz6WApRGF3fEPpQRgyegwv6JX6BdnE4zIPvQIcO7f-Ire_doKPkjHz1T5mDSkZoZIklO5XmuWFfO09ikOcUQErlXjSpHSTCiaqbe5WGmH80La-XJB1vF7ocxdDvhqogv7dRi_km8Nm6_UkCOc5fr5QlRVKdIS0r024sUWYiONqoi5o-_zsuJxDxrSgDf1ifYM-tUjIoRXbm7p532AxzAKJB2XK7X1YZlNolFoGSh0cRnRQrR4ifdAlRtul13otn6gS_8SKkC0Z_PlmbtO96XlGdyfDoBjw5JEFjQfn99aqjdTUM1mu61yN-Kdgw6qvXO5Gc3b0k6r9KiVMcW5aNUunMc0slvVY1hH7n30hK-5Lc6JVNy_Sufo8eBk_FBeIatZx20lnuJU7uobVmAHyc3KZNLX7S0pOP8Dh4SPBNoAXPoEbYvgnbNmTk95cCskvPgpR4NucyOQdPqxNZ5JfrvinyylxfzNv-pwo5amgD7-T5YkrHDwUn2_kUVr35yHUUivdLxz26WFqJl5tMkxp6Kbq9-EZit_KF8HP54e_o5WLsp8w-7DFnG25LS28X-CTOO5soc_t1y6P_aPH4exyUCpK65PjTDKM05ZLPsNbXg4AtEgvyrDV_BYDiQBMfITTyFzp-SycMdpif38PPtovgZPWV3OatrAHko1YXd0mmqhf3GMqVLDdbMdl4jjGsu3KERxQT-ifBeEPoiJ7xGrZzLNt3Gr8aFGwVQMD83n10CEMCf1v3q-1x2L0WHr_dRY89jymv3oAnPayI62gMQD-Lt8s_42i19lq466XVFR9sUigent08XiLiOzj9RIujREI8M4FGS3z56PWjrQbZKgpTU8cHe7cZPZGbQVK9jZOYog-5RZet9cFNyvkvFXoC4ZdDiDr4BJyzjkKMhs9Bcsz1DRRjSphFJV4481LsatEZRo7y5AouBOKLljPLZ0e0sfXrTO8dZ7MuLEkUALRFeAPd6vAn1BENknZr_eTkzYAXT-BSQ0NckvE-rsBj6_qt5Px66fFgpn4kgaB4fQxbkmRTPEh_wocLje5ycctdLMuisLmyxBGOtG-TDVBNf7Cq0Q635AynmTiCjhQZKDpZzdAqkBwVVesbvW9hLkcuRIwq7sqVkPj6zAA1IyG9jgmtL6AAjLBC2Id16JIPBSHLrp83LHw_QPk6oh9eP5eXuIXfV810iL-POMJpwSXYcbv08W_75CXcTBpnT45EcOuTvw_ebrx76KSXjEZaQU0r5GOikhfUC0IGpUPd8XIoEQcdvzXvxuIZt4T067JuWUV3l01QMrKOUNseWlFeWqygI8V0Cy-gxyA_X9RMCcGpmo2y1QBGDroJzA0rszglm7QPMInJpBEzsAQZyJ5IT3bZEC8&cid=CAQSSwDICaaND4O9bA-PZKC3L0FPhKA3E-9smjg0WYlWDrMgzhGD7CTMKkYegYatMcewefkAtIZDNt4oBQ5XFL9BgikP1Fx2b7QsxHsUVxgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsci-hub.yncjkj.com%2F&ds=l&xdt=1&iif=1&cor=2321099373240216000&adk=2124396030&idt=99&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
15072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11960
x-xss-protection
0
server
cafe
etag
17132697034905592634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Nov 2023 06:26:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 725C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
15072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Nov 2024 06:26:22 GMT
truncated
/ Frame 725C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a02709cdfb2b92e5478796528a40dac630989be6f661567b6da80376fb43f89e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9D07 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:10:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0E16 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 06:26:22 GMT
expires
Tue, 05 Nov 2024 06:26:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/1064608057035189096/ Frame 91B6 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
219333
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1879
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 21:42:02 GMT
expires
Sat, 02 Nov 2024 21:42:02 GMT
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 725C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyCKYRP9wdCWMem7Q-7vu1Vfg_JreK7LSxyqwgl8UUyTEbx-KN_JcldfraNPvpyAB571EPbNq17NJb-8GJEAdD8sHU-DMnBC7yAF0H89p3qPIOImpyXfzU0KVbia-E-g0iju9SI2yK7U6G4assvbFbI_oUcbhtBOYtJ8az-4I77_ucV1poAB9L-xF1yXCEWd_PehneqNYW_wSyTvErvWhGoeg-IFHl9BS75x8S-0ntApBCK8PfBzFGwtwvCO6vDLaJoLm4Vfs3XMme76LrL2pj2lLVSf6aOiVdDAXzx3MZwo5Cty4E3b2pKcScZrkn_s9SDtlOT-8FimvdAQg56u9kNaBkF88Pwlwrxs4UpE57XMuJRpSfcF5fpZcb22frqYMObI-S2vqYGKf9Lfp1YuxwcHJtt9kzwI-HtOX7ZSxLsoKWWxv5qaICzceCqlG_RjUtGOKtrD3dL3CFtp_ICvXkUklSdVARYmn7K27JZf6s50lLa-kztJy3srtKgc5O_iikD-1W9snW6BRQO3XEhZZLwHEVCwebygEmgLhYmhAsdD7pwD2vv6aNFKbpdnPISIe0-OeJcE1WsVjclYdDKPABOUFbTGJbRyW-UV8s9eQsioHD0X-IkF0kpjzPUQvs6LP22FEdCrHPC6DREWwL0TWff4MyJzCCm8m7SkHb1LGYK7T4_X0NcAIeMqnY32tGz4WsXMiLNTzcCFTJ_kvcRGs6kLxMhycVppz3XjpWW0BFSEgP-Iwm48N7nCpAhucmYMfxB5ZR8uRyx2GICcgqTnwd_b0AF0sBvJj_OEQXwrc71huufzZ20nmRMdsZg_rDyQODdtoE3KCkFGa9fH55HSEy3FTHUB5JSlbMoHdCaLRCX-4I1QBZtJbhdNOcCUFwTgw5LDVZggpxzOJO96mECoqRqlhlouD-MLlAG3WTqZVEnuv1PysSsWhz6HbKgh3i8wKbIhJGJlECqigXdEMM_DVhze4mj_69fEEdWvv7wjLyAzAgL3Pwzpig1VJHz25zIc4l7gdkB24qp7hc6yDPBUWxXMMbypilXF3qaJYGBRmb6zwHrGgahJ4biC-Bt-aqbctOfLUDKXdJUI12A3yhVj9bvgufz3h7rGQpNkAfTEDTVk4OOm0IQ1T3yTefKuD8Y3GeDkn7mEkmqtKCs8DJDZG4js9bgJvDLqIwdB4slRxAFhYSR1LnK-LlyG6nYJmrkiXmY1gWUs1QZZNdfTJikO5YiS4izJv5aGsyPENESQWxQexB5QfvpeBmS69jIpdcjfk370fxhQs6eB6-ylW0j60L3UaaPFxGUn8o_GDSMEWid80&sai=AMfl-YTHRoiegPQfBLdUVBBhivafrYNQ75p4lq2owgz6PfZ3CSsdkMNsTU8Wt8c4cXaJke28UR7ILgHLOoQH0TQ2InAsVwQgvJgl0wKKc6lU_qOCHlRbShnnjuwOUdq8B1Y3i4fcnDOeWurms_n8a9JYvpK-7ZDgFvJgt113lmtJdvc34K_knKmWtvZODAeUOCxjAeZv8LyrnqW-5RK6c4iymJNiv_4B0SknGejqvJ0lkTaWGmL2gTzTZnfkYeaLbr3MLVeZ1wCXft7vcCfo-3U8Ic7K5BtE_I4P&sig=Cg0ArKJSzJSzuyVmJrtZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=140&cbvp=1&cstd=137&cisv=r20231101.80329&arae=0&ftch=1&adurl=
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Nov 2023 10:37:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1565 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKDRArIQAAAAAAAChAMAQKDRADIQAAAEAzY2pAMAQKDRANIQAAAACAmbk_MAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAwQDAECg0QECEAAAAAAMKyQDAECg0QESEAAAAAwBD0QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAA4MyNwQDAEEhpDT0hyNFllWHI0SURGWVM3ZHdvZGVjb01FdyIZdGV4dC92YW5pbGxhX2hpZ2hsaWdodF9tcygV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a428f40417fb0994dce6f6f7792d3a9a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 0E16 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9D07
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:37:35 GMT
expires
Mon, 06 Nov 2023 10:37:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:37:35 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
pagead2.googlesyndication.com/bg/ Frame 115E 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 19:42:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
399333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19777
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Oct 2024 19:42:02 GMT
style.css
s0.2mdn.net/sadbundle/1064608057035189096/css/ Frame 91B6 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 91B6 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1609217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTi18xZ3p9nNR74tR4bARYdUFVngpCSTdCWdvTDNQvh2BcG8%2FW5cn6DQWMfWrnE64Z%2BhoUtcvEaoYBooa8Gz%2Fs2afNhWg5%2FM8mxSuW3z3ZvT33W%2BY55Mdh0WwAYIUiNz%2FO5oxk1buuXJYE4My%2BktlnKF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
821cb3b73bd4900a-FRA
expires
Sat, 26 Oct 2024 10:37:35 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 91B6 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1793997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BRBWNrAf7og85IyYxEzoRU32XLiMgNxqiHcO0jpOfTLljB3V7Si3TxtSoX%2Fu82qLEJBG4BrHypegbPKCvcRyeABzxBsV%2FTnQDVKEICyGRs2nA7Yl%2BtqBzmZcfYhx95j%2F8xcJDB4JU5bG6gCwvH8G5so"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
821cb3b73bd6900a-FRA
expires
Sat, 26 Oct 2024 10:37:35 GMT
dyson.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
arrow.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		429 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 21:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306730
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Nov 2024 21:25:25 GMT
dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		25 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson-v15s-submarine.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8356
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
1-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33567
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
2-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33601
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
3-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25911
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
4-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 15:09:08 GMT
x-content-type-options
nosniff
age
588507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8971
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 15:09:08 GMT
5-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/5-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 16:46:42 GMT
x-content-type-options
nosniff
age
582653
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12054
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Oct 2024 16:46:42 GMT
script.js
s0.2mdn.net/sadbundle/1064608057035189096/script/ Frame 91B6 		4 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
930
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Nov 2024 04:02:03 GMT
csi
csi.gstatic.com/ Frame CB68 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=3~lomrqaqv&c=7818028766780&slotId=3909014383390&qqid=CIyr4oeXr4IDFTyLgwcdXGUJrg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame CB68 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Nov 2024 22:32:49 GMT
file.mp4
r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CB68
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0C6E10BC0A20A88D7937ACC543A565567A8225E8.17E7EE97F57B71823809F13F5FBEB0B68AC9A6FC/key/cms1/cms_redirect/yes/mh/SL/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1699265994/mv/u/mvi/2/pl/36/file/file.mp4
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:12::7 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 10:37:36 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000
Content-Length
3979528
Last-Modified
Fri, 13 Oct 2023 15:57:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 06 Nov 2023 10:37:36 GMT

Redirect headers

date
Mon, 06 Nov 2023 10:37:35 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
653
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0C6E10BC0A20A88D7937ACC543A565567A8225E8.17E7EE97F57B71823809F13F5FBEB0B68AC9A6FC/key/cms1/cms_redirect/yes/mh/SL/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1699265994/mv/u/mvi/2/pl/36/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1565 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoXCAEqE2Jhbm5lci1sb2dvLXZhbmlsbGEKCggCKgZzZXJ2ZXIKDRAUIQAAAABQivRAMAQKDRAVIQAAAAAAAChAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAGhmzoBAMAQKDRAyIQAAAADAmck_MAQKDRAzIQAAAADAmck_MAQKDRA0IQAAAADAmck_MAQKDRA1IQAAAADAmck_MAQKDRA2IQAAAADAmck_MAQKDRA3IQAAAADAmck_MAQKDRA4IQAAAABoZvY_MAQKDRA5IQAAAIAzszZAMAQKDRA6IQAAAIAzszdAMAQKDRA7IQAAAGhmBnBAMAQKDRA8IQAAAGhmBnBAMAQKDRA9IQAAANDMJHBAMAQKDRA-IQAAADQzp4BAMAQKDRA_IQAAADQzp4BAMAQKDRBAIQAAAGhm1oBAMAQSGkNPSHI0WWVYcjRJREZZUzdkd29kZWNvTUV3Ihl0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0X21zKBU=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a428f40417fb0994dce6f6f7792d3a9a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.js
static.adsafeprotected.com/ Frame 725C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-4835842337459824&ias_chanId=1&ias_placementId=20492286635&bidurl=http://sci-hub.yncjkj.co...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0gvwvZOHoehgsFDeWBOs0vh&ias_xappb=&adContainerId=brand_safety_7sFIZeyoJs-QjuwPormvyAQ&cbFunctionName=goog_wrapCb_7sFIZeyoJs-QjuwPormvyAQ&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gvwvZOHoehgsFDeWBOs0vh&ias_xappb=&adContainerId=brand_safety_7sFIZeyoJs-QjuwPormvyAQ&cbFunctionName=goog_wrapCb_7sFIZeyoJs-QjuwPormvyAQ&true_pb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Server
2600:9000:2127:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
vBWVP21J15tPY2s9w9TMkzU6H2VI4KIK
content-encoding
gzip
via
1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
date
Thu, 02 Nov 2023 16:01:52 GMT
x-amz-cf-pop
PRG50-C1
age
326145
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 26 Oct 2023 16:01:50 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
I3mGOW70bTYMsUtfmdY0YTM0bvNARViZJ40kplahvyoSPWYLeeOIUw==

Redirect headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:35 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gvwvZOHoehgsFDeWBOs0vh&ias_xappb=&adContainerId=brand_safety_7sFIZeyoJs-QjuwPormvyAQ&cbFunctionName=goog_wrapCb_7sFIZeyoJs-QjuwPormvyAQ&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6F00 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:19:22 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
17579895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
_obe7CO6Q2uvXggKE-zk8yYLn3-VHlN__IoavDyESpQ96maGQENq-w==
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7446 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
478960
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 21:34:55 GMT
expires
Wed, 30 Oct 2024 21:34:55 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 725C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d7418248-9ac7-52a4-50ad-8622bcf04c3b&tv=%7Bc:tbC1PE,pingTime:-3,time:71,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUPdohp+11%7C12%7C131*.1627455-73523880%7C1311%7C13121%7C1313%7C14%7C151%7C152,idMap:131*,rmeas:1,rend:0,renddet:na,siq:29%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:508b:8538:272f:fcf -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
server
nginx
x-server-name
dt30.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 725C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d7418248-9ac7-52a4-50ad-8622bcf04c3b&tv=%7Bc:tbC1PH,pingTime:-6,time:74,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:74,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUPdohp+11%7C12%7C131*.1627455-73523880%7C1311%7C13121%7C1313%7C14%7C151%7C152,idMap:131*,rmeas:1,rend:0,renddet:na,siq:29%7D&tpiLookup=ao:sci-hub.yncjkj.com%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:508b:8538:272f:fcf -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 725C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d7418248-9ac7-52a4-50ad-8622bcf04c3b&tv=%7Bc:tbC1PT,pingTime:-2,time:86,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:802,beZ:804,mfA:807,cmA:809,inA:809,inZ:814,prA:814,prZ:820,si:830,poA:831,poZ:852,cmZ:852,mfZ:852,loA:876,loZ:879,ltA:888,ltZ:888%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:86,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUPdohp+11%7C12%7C131*.1627455-73523880%7C1311%7C13121%7C1313%7C14%7C151%7C152,idMap:131*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:29,sinceFw:56,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:508b:8538:272f:fcf -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dysonfutura-book.woff
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame 91B6 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 17:49:00 GMT
x-content-type-options
nosniff
age
319715
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Nov 2024 17:49:00 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 7446 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
csi
csi.gstatic.com/ Frame CB68 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&puid=4~lomrqb7f&c=7818028766780&slotId=3909014383390&qqid=CIyr4oeXr4IDFTyLgwcdXGUJrg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1921&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.303&ua_e=1&ape=1&ple=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 725C 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLJQpnelvsHRkAHLTZnVFWIq59tP-fhYDq3gskyKUrtJXpPwXxYoBMOAPYv8AlDzNOJHNxe3A2ExGwu6r1qwgWfPkXrUsjS2QDXcGKIiMvVpyvcVe301Uy9vSZH_TpdnNlpVCHgbJSqQvh&sai=AMfl-YRaFQ9ZfvWZh9uffsCKcdFt7W9rJwBqrN-uRKgz1VARA-6DMnASRKSn42qS2c-DHh8Eq8fuo6bnsFaA6Kr-Qeemrgq7wdiLhdZglcuWNx-_COE9ZxE6WYck78rwqMOu3A3ZOJkXgH-EnKv5&sig=Cg0ArKJSzMqRUYgZcmRfEAE&cid=CAQSSwDICaaND4O9bA-PZKC3L0FPhKA3E-9smjg0WYlWDrMgzhGD7CTMKkYegYatMcewefkAtIZDNt4oBQ5XFL9BgikP1Fx2b7QsxHsUVxgB&id=lidar2&mcvt=1240&p=0,0,90,728&mtos=1240,1240,1240,1240,1240&tos=1240,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=156955669&rs=2&la=0&cr=0&vs=4&r=v&rst=1699267054462&rpt=405&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 725C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyCKYRP9wdCWMem7Q-7vu1Vfg_JreK7LSxyqwgl8UUyTEbx-KN_JcldfraNPvpyAB571EPbNq17NJb-8GJEAdD8sHU-DMnBC7yAF0H89p3qPIOImpyXfzU0KVbia-E-g0iju9SI2yK7U6G4assvbFbI_oUcbhtBOYtJ8az-4I77_ucV1poAB9L-xF1yXCEWd_PehneqNYW_wSyTvErvWhGoeg-IFHl9BS75x8S-0ntApBCK8PfBzFGwtwvCO6vDLaJoLm4Vfs3XMme76LrL2pj2lLVSf6aOiVdDAXzx3MZwo5Cty4E3b2pKcScZrkn_s9SDtlOT-8FimvdAQg56u9kNaBkF88Pwlwrxs4UpE57XMuJRpSfcF5fpZcb22frqYMObI-S2vqYGKf9Lfp1YuxwcHJtt9kzwI-HtOX7ZSxLsoKWWxv5qaICzceCqlG_RjUtGOKtrD3dL3CFtp_ICvXkUklSdVARYmn7K27JZf6s50lLa-kztJy3srtKgc5O_iikD-1W9snW6BRQO3XEhZZLwHEVCwebygEmgLhYmhAsdD7pwD2vv6aNFKbpdnPISIe0-OeJcE1WsVjclYdDKPABOUFbTGJbRyW-UV8s9eQsioHD0X-IkF0kpjzPUQvs6LP22FEdCrHPC6DREWwL0TWff4MyJzCCm8m7SkHb1LGYK7T4_X0NcAIeMqnY32tGz4WsXMiLNTzcCFTJ_kvcRGs6kLxMhycVppz3XjpWW0BFSEgP-Iwm48N7nCpAhucmYMfxB5ZR8uRyx2GICcgqTnwd_b0AF0sBvJj_OEQXwrc71huufzZ20nmRMdsZg_rDyQODdtoE3KCkFGa9fH55HSEy3FTHUB5JSlbMoHdCaLRCX-4I1QBZtJbhdNOcCUFwTgw5LDVZggpxzOJO96mECoqRqlhlouD-MLlAG3WTqZVEnuv1PysSsWhz6HbKgh3i8wKbIhJGJlECqigXdEMM_DVhze4mj_69fEEdWvv7wjLyAzAgL3Pwzpig1VJHz25zIc4l7gdkB24qp7hc6yDPBUWxXMMbypilXF3qaJYGBRmb6zwHrGgahJ4biC-Bt-aqbctOfLUDKXdJUI12A3yhVj9bvgufz3h7rGQpNkAfTEDTVk4OOm0IQ1T3yTefKuD8Y3GeDkn7mEkmqtKCs8DJDZG4js9bgJvDLqIwdB4slRxAFhYSR1LnK-LlyG6nYJmrkiXmY1gWUs1QZZNdfTJikO5YiS4izJv5aGsyPENESQWxQexB5QfvpeBmS69jIpdcjfk370fxhQs6eB6-ylW0j60L3UaaPFxGUn8o_GDSMEWid80&sai=AMfl-YTHRoiegPQfBLdUVBBhivafrYNQ75p4lq2owgz6PfZ3CSsdkMNsTU8Wt8c4cXaJke28UR7ILgHLOoQH0TQ2InAsVwQgvJgl0wKKc6lU_qOCHlRbShnnjuwOUdq8B1Y3i4fcnDOeWurms_n8a9JYvpK-7ZDgFvJgt113lmtJdvc34K_knKmWtvZODAeUOCxjAeZv8LyrnqW-5RK6c4iymJNiv_4B0SknGejqvJ0lkTaWGmL2gTzTZnfkYeaLbr3MLVeZ1wCXft7vcCfo-3U8Ic7K5BtE_I4P&sig=Cg0ArKJSzJSzuyVmJrtZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1413&vt=11&dtpt=1273&dett=3&cstd=137&cisv=r20231101.80329&arae=0&ftch=1&adurl=
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
file.mp4
r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CB68 		513 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/73087a600c68d08a/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1730803055/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0C6E10BC0A20A88D7937ACC543A565567A8225E8.17E7EE97F57B71823809F13F5FBEB0B68AC9A6FC/key/cms1/cms_redirect/yes/mh/SL/mip/2001:1b60:2:240:3247::12/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1699265994/mv/u/mvi/2/pl/36/file/file.mp4
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:12::7 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 06 Nov 2023 10:37:36 GMT
date
Mon, 06 Nov 2023 10:37:36 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-3979527/3979528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000
Content-Length
3979528
last-modified
Fri, 13 Oct 2023 15:57:19 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E16 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bweit7sFIZeyoJs-QjuwPormvyAQAAAAAOAHgBAI&bg=!Dg2lDULNAAb4oU7C2KE7ADQBe5WfOChLj61v0cPEGLzShqTSbsfTOINJWQLfdsqCAqnZlGhMqxW92UOre_feB78kBIA9AgAAA85SAAAABWgBB5kDSXsA-1OABXUMV7yQuvObZRvccIWkbNIbn_dDfpte8-oQxg7tM0K_9RqzMZ0x5M6lfEG3av-z18VSHqlqoQvh9cni4ibff3gyJx2mlKsTSz6tKh_dRTwINx6Z8lvz-Hc9QiTqvytluJonqA3-GKtfLfK1TQuUwQ8ogwHJaFArPOBHirRW5uOv0Zj4FFlu_z5mESx8_831rzFtQnXP5F6GbbA5gF4oW4e6pJz7IJBEW83gzjq_ZOnLIVqQRZ5rWtlFCK82CattUcDwXLD7te7gQuP8iQlFwatG9e0ZOOEQLiUiv-a7MROHGB6p2oy94lmeT6nJk1Kv64LbGGRx7je_fhTSBphbgEXZaoJBoDy9Vxt6SDnPGf_Fy_ZOUFNYfbpJaeN59CCP36Aql2b18dLQyJj_Qt3h0rEW11slDo9EM7dD7xJVWQJWGamR1tTEvMgjfTMxhzc93QdHYKpA1v5iOqisD9kFh_SCW78yGumiFwbc8OAno5pXuBiDTb6RFssUGhgAEMLFpc4ThRBt7h748jDmDjFTCsAk3B4BGGz5N6DjeThOyGgpZ6iqvL0Ci4xfZrxsx1cy56YDQVSb0uOpXiHdk-AYMciJEMXyRpv3JljyFgx_CYMsLcec6n-q3Veq4JuA7djU9NJg5iKXjtCW-x1ZfX7b_A1HflEVn2ZWrgH1_eMzuRS4_8VliiAMN3Q3G6QodVZ-4ydyiDs-POlSDxRYCoNV1l1a4jErAF8CyGR6uAs6zHK5PupwSd6V1MHzoXxTCnSdp8eOtjfZrDmIRbTRWSDyDD_9hjrkDImh6cAulD9AUdaAKmDDdW3bwD8PM8LJJCpgO6b0EOL6oAdQahSO1X3zVGD2yZUlB6-p8eggbZayN2r7wPZETDlCP9yRhgHH6IZXAsIzU6XlNWUiIrf1rrGfkvrPGgjLfdxOm27sW-FDpvBbNvIOz2TwaGf1pMN6n2ea3SPnXune4Gd_dXim4h68vHOUTIBt3qC0IfY7Bzehdcwwrh9UPWDd5RqA23ANN2FMaPxiH7tbgQ8-ugWwnlPnLJKHvsHUib4pnlHW5SauhKO7Wh8cT2lAyrUY-6fnywm072BvAxeHby9TssNsdG6VIA1sq9I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 725C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d7418248-9ac7-52a4-50ad-8622bcf04c3b&tv=%7Bc:tbC23t,time:928,type:e,im:%7Bpci:%7Btdr:834%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:928,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B919~0%5D,as:%5B919~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUPdohp+11%7C12%7C131*.1627455-73523880%7C1311%7C13121%7C1313%7C14%7C151%7C152,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:29,sis:922%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4835842337459824&output=html&h=90&slotname=7008805130&adk=156955669&adf=2653041513&pi=t.ma~as.7008805130&w=970&lmt=1699267051&format=970x90&url=http%3A%2F%2Fsci-hub.yncjkj.com%2F&wgl=1&dt=1699267051009&bpp=1&bdt=620&idt=256&shv=r20231101&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1899493881265&frm=20&pv=1&ga_vid=482183071.1699267051&ga_sid=1699267051&ga_hid=871266505&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079404%2C31079408%2C44807048%2C44807335%2C44807455%2C44807463%2C31078301%2C31079424%2C44807406&oid=2&pvsid=555664614903246&tmod=1569905068&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6SWJDkhKG3&p=http%3A//sci-hub.yncjkj.com&dtd=261
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:508b:8538:272f:fcf -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7446 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BEAHf78FIZaWaBpKRkdUPn7mmUAAAAAA4AeAEAg&bg=!WVqlWhXNAAb4oU7C2KE7ADQBe5WfOJUiymmQjLkDMGKWNFzVs1TEAQSRN7imV7lXegl1YBkFqSkObJIjMm1yKgJBviiLAgAAAFdSAAAACWgBB5kDJPLoDfHR8dIvigPGSMJ25sMKD7byzM17zlLb6CBV1-85Giv4vkvQDTovLmCwB3FUlFab6ZIUMO5MIxBcpxIvh3tWHxvfKhqAJtI6kfANjmOzgBBb7GbbUIix-UPYNGB7qSURTXHCD5qkywrrFuPWdC3cGgAsTyW0ofYpkycWYfQ51ic2xY9Mx1hsbh0mhTnZABfFmPfrcU6Dg20-LsAOInR_OESfWqftc9aRw72gZaixWM9MzysCg-UnrrmPiGrlUl3ChWOOcVBxBUmiKZt2Z9omuirQVzZPgiIxm584Ga1PFseuFRkOxF_Yr86sg9rbHjZcPxwUZDO8ICKMACynaZ7bcyMLHG9Sk1z0Dcg5YG5CmVNop1AuVzr0hMDQ-_e60kG1MVdvm8pO3PY32xh5GsmqlkQSgx00Jzh0DX4gxge8g0NJaXOfeyZ48M-VGpeS5mR87JRSV_Y-Zl0uDfGIVynuVHKnjY0UqOwM1cMDrpLll6esMsMglpTKt43zuvSgmmu6bTOEWhKkv65sy5nJp0TmkJapWSHi2WbVEg1iJNvrgZJv9o24A8vTz62jVxcQyiX1GAwcZU3KP7GxuXkk5k2vi2bPw1mdw9zS4Hk8NrNQ4brlAI4IJ5NSJeox9H-_wZ-61BzABe7Kk10rwfpVEt4UMoIVPoAmmCaT2iWX36lZX1G8fUk2mJKUvvd5rY51gMhRebfz7mkOsQ2CxvbriU2N2Txrr_f5h8-IZ-ExjUYHL2Tupsgc5KodBywDvJITTrQ6xo366K8w6q-W_DYB1ArGyYojgKYeiZEGThtH0flkecQBaacBbK-BS-TBDgDpS1JLPM7TVcn2V6EO2As7Qy1eMncFRjCgcobhpY_HjAXYd6aA9NRsebOq4qSmXBrrsOh3q99Q_d_CeoyidOtjDksDi-yVAwbP6gyh2bHqE7-6enA7cLwz5qFmx4o_k0Lq6oAX9f2fCNhSXIQRercUXyilFc7NlU5quu61zKUGkFdmvfz1EMBzWKrN69BamlLVIFxHK9vRo1hojkFdRCAXwxEFZ4NfUs8hObCA8rebYcRmpn9Q-g
Requested by
Host: sci-hub.yncjkj.com
URL: http://sci-hub.yncjkj.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
process
share.pluso.ru/ 		0
0
process
share.pluso.ru/ 		0
0
hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1
Protocol
HTTP/1.1
Server
88.212.202.52 -, , ASN (),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 10:37:36 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 05 Nov 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 10:37:36 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.yncjkj.com/;hSci-Hub.Se%3A%20science%20hub;1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 05 Nov 2022 21:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
994df8a7768b9eba78dba23a6d56f8261ca3185499675ae24abe56c37dec7cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12165
x-xss-protection
0
06.png
share.pluso.ru/img/pluso-like/square/medium/ 		0
0
plus.png
share.pluso.ru/img/ 		0
0
dt
dt.adsafeprotected.com/ Frame 725C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d7418248-9ac7-52a4-50ad-8622bcf04c3b&tv=%7Bc:tbC282,pingTime:-10,time:1211,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjEwNSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1699267056474%7C%7Cd7176a00f8bbe9b2959aaf36a1c9f263%7C%7Cadc68e3ec772ef714cd200e23f927f85%7C%7C9d1424335c1c565e30075a9405fbb75c%7C%7Cac89c77f2f0526a7bd84efe8edea6a6b%7C%7C6e33505a62d8e67bdec9ad177f3b5156%7C%7C77c97139cffc5b8cd50fb08f7461a862%7C%7Cec64ec40ff0980e2c4a8c5de311d5f53%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:508b:8538:272f:fcf -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 10:37:36 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
kb.js
kitbit.net/ 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4835842337459824&plah=sci-hub.yncjkj.com&bust=31079424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 10:37:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01FD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://sci-hub.yncjkj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
621
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:27:15 GMT
expires
Tue, 05 Nov 2024 10:27:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1AAC 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
be4c19cd03392b9808a06f939d2383f1ad18d35867154835158b71be3e856af1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gsfZmt-qJRwKgZhEpjPUlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://sci-hub.yncjkj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-gsfZmt-qJRwKgZhEpjPUlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 10:37:36 GMT
expires
Mon, 06 Nov 2023 10:37:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 01FD 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 09:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 09:14:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1AAC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231101&jk=555664614903246&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 01FD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VEFs2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 10:37:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ Frame 725C 		0
0
dt
dt.adsafeprotected.com/ Frame 725C 		0
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231101&jk=555664614903246&bg=!ammlaSbNAAb4oU7C2KE7ADQBe5WfOH_meBGgUK4aNEG3vUQHeZlNbofLt8fFFMAj8sVwFkgK7wSo-5OlPX8syTNOeoPnAgAAAE1SAAAABWgBB5kDFgGRuMHrxxt02Gq7AINRipj_FTrz98zBzWGPRQ_Cj3pQtEBv6DrGHIMNCIdTVMw30VOcNFzLU-rQXDhXDN8zAZuenLJ1tia8KB0Dg60bBW9kwrsNU2X-UraXPTPqAEv1cOuJIk1SB86dPa3REExXCLJl3kziLPvId1qg191WbLXWlZOXiBlHEGkn_6_30rzo_e7McWVsYSRFz6CvRdAkcd4x46yxISPCALzsqMjTMuJPybHfkb7GZM--liI1Sz2Y-vHfUbBnG8cBp88QdGN-GtJ7b3vvzUu6ohKrvbyZZPqETt45W6kwJ2Ut1sxPTT4EEEGR_fpQCh2qxXjl43lHgP9PC1EFQYQjqiN0y6EDLXr3LGL2wKLNK847SDhDLw3pNRxExUoe3ZDo30rAtQciDuD9_MPjwMBGNQNrZY015iwEYtjEoZHiwF2mZBkC2WPxCYb4uPIAz-S_Y6w7wW5zAH4prNGasD_wzD5ZrRnaB5fuQoePMqSf4MFoWUC7fm2rjHnnZJqJnwFezIgSs193Q7UQzvllORzTIFzERQGPWJUurKECeijcfXBhJ4-jmprQzGDE8UrLDV0gVVolWrXifRkvxrwTzK27lUGXF5r9k3rd0IReW45UnzvgNUb8zjPdUZBFErrm6lCTTYYnXxNc7YOxE4qFN54yXsX7nzjJrogs0gkxDIQmGfhKVZ00CU2iUT8ySiGWjR5_t1OnpFovp0dexl2uqtmDG1cvnK0xE1xxSoaKqW693rRgO_A8T8CVQZQjgqzPLIkRNztne7YNyt8trrv77O5o9n4hE-FXig3Y1yHyemofwc4NLLqVHYfDRgCqraASoaMdruw35q7pl1e4VIpBwJnfawn40msbTmEyxGfULCbiBgPsNjpCXFmdGmYejJg6uDmMzc6_obxr-vW9vcHNUSVQil5p4_EFpVC0HLADi-drlPKLWmdQl_Wu2aQNhX3-Q3FlqHzKetjs1ptR5kzhx7dXXzqGcPWba25LVfj1NsqjGQQQUcdSeA6EHcrmn2tkXi5vgdJYOcQKYsTWvVMy4bw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sci-hub.yncjkj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sci-hub.shop
URL
https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Domain
share.pluso.ru
URL
http://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.yncjkj.com%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=p3U4Tt67T53yBDaK&first=1
Domain
share.pluso.ru
URL
http://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.yncjkj.com%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=SSFundefinedzauxUsxPHFoh
Domain
share.pluso.ru
URL
http://share.pluso.ru/img/pluso-like/square/medium/06.png
Domain
share.pluso.ru
URL
http://share.pluso.ru/img/plus.png
Domain
kitbit.net
URL
http://kitbit.net/kb.js
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d7418248-9ac7-52a4-50ad-8622bcf04c3b&tv=%7Bc:tbC2mp,pingTime:1,time:2102,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D,%7Bpiv:100,vs:i,r:,t:1101%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1092~0,0~100%5D,as:%5B1092~728.90%5D%7D%7D,%7Bsl:i,t:1100,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:177,fm:tUPdohp+11%7C12%7C131*.1627455-73523880%7C1311%7C13121%7C1313%7C14%7C151%7C152,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:29,sis:922%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d7418248-9ac7-52a4-50ad-8622bcf04c3b&tv=%7Bc:tbC2mp,pingTime:1,time:2102,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:27%7D,%7Bpiv:100,vs:i,r:,t:1101%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1100,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1092~0,0~100%5D,as:%5B1092~728.90%5D%7D%7D,%7Bsl:i,t:1100,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:177,fm:tUPdohp+11%7C12%7C131*.1627455-73523880%7C1311%7C13121%7C1313%7C14%7C151%7C152,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:29,sis:922%7D&br=c

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go string| allurl object| adsbygoogle function| gtag object| dataLayer number| ifpluso object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| pluso function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag

11 Cookies

Domain/Path Name / Value
.yncjkj.com/ Name: _ga_BX6H58DCXE
Value: GS1.1.1699267051.1.0.1699267051.0.0.0
.yncjkj.com/ Name: _ga
Value: GA1.1.482183071.1699267051
.doubleclick.net/ Name: IDE
Value: AHWqTUmEddapByDzYMBVeEgxbmYqcB4v1Vcg-_lm3Zia6qPTOG2xUFoQGMSvPwmn
.yncjkj.com/ Name: __gads
Value: ID=62a34b65f6b830d0:T=1699267051:RT=1699267051:S=ALNI_Ma86jNt_et2baLzy1Gc3xFysaBuVw
.yncjkj.com/ Name: __gpi
Value: UID=00000cb7003e2928:T=1699267051:RT=1699267051:S=ALNI_MYgbtcDzqIv5UXVjAVHGaZU9aA3Mg
.doubleclick.net/ Name: APC
Value: AfxxVi7Tu8Gh5yT3G3TWK5pXPPL0imrht3d16UMZwhYdHYmlDFF7mw
.casalemedia.com/ Name: CMID
Value: ZUjB7tsxEZSSC0Y2tT8qngAA
.casalemedia.com/ Name: CMPS
Value: 5179
.casalemedia.com/ Name: CMPRO
Value: 5179
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>ywVdn.!@wnfH8K6pQK`!5=E<*L5?%Lxf5LhS5-=<65f/gLhW-_p`phV`9Nz2Dne3j0%nugO%v4VB%nn@l*(j48
.adnxs.com/ Name: uuid2
Value: 8228329000918217300

2 Console Messages

Source Level URL
Text
javascript error URL: http://sci-hub.yncjkj.com/
Message:
Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' (redirected from 'http://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2') from origin 'http://sci-hub.yncjkj.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
counter.yadro.ru
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
img.sci-hub.shop
kitbit.net
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5lzne6.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
sci-hub.yncjkj.com
share.pluso.ru
static.adsafeprotected.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
dt.adsafeprotected.com
img.sci-hub.shop
kitbit.net
share.pluso.ru
142.250.185.226
142.250.185.98
2001:4860:4802:32::3
2001:4860:4802:34::36
2600:1f13:800:7780:508b:8538:272f:fcf
2600:9000:2127:400:8:48e:53c0:93a1
2606:4700:3034::6815:9e6
2606:4700:3037::6815:290f
2606:4700:4400::6812:249b
2606:4700::6811:180e
2a00:1450:4001:12::7
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2002
37.252.171.53
54.76.140.215
64.233.167.156
88.212.202.52
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01f45311fb5c138b3190f1d07f7f65f3395cdea96734ba88d1597a93cce25093
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18103b0ef80dbe15212ceb50b7097a93b604e87a04dee2cc6fafd2c1ecafbe08
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
20b2fcab30b66f640e67386c77865ec85204300da2d58c087e85d924c1ce1f58
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
54cb15acb0c5f40e191701b259fca34a71656a5d07c750de734ce598f5f5255a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
711197aa07a54668e7fff7a39374839e45ab8280853e0d39bf57165aa0a0dfe5
779a12ead2f8af28115c75209ae5f3efe5d7a48a819c36a82e1c77618d4ab959
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
7fcfb23776d259d01503d282cbc08c41570ce3faf33ea8100c4e19cc3417e922
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
9114c41f21406b1ba31931d8c7807dbbb0949a203d727bfdfd72a37408031a3a
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
994df8a7768b9eba78dba23a6d56f8261ca3185499675ae24abe56c37dec7cb2
99ca192a6f3a598aee43242f3f826d3364f7af4472a5d1c202a50ed722d331ff
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02709cdfb2b92e5478796528a40dac630989be6f661567b6da80376fb43f89e
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b57cb671422ac3f78a8d2f9fc6fc984490426a744d2372afae09c262d3de8afa
b60c9901153241fd4cf4a5489675d5e6b7be0da97103f10e0cb7fb0906983ab6
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
b917664bc637902852104e0bc39135fa1c6cd95822db27bc2394623d36e9a8be
be4c19cd03392b9808a06f939d2383f1ad18d35867154835158b71be3e856af1
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
deb4f3813f2cc4476cd26a3056a3b4c112463b38b07e78f1ae557b008fc6a255
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adb0336f1dfe75eab5c87d264c95f99ad586ae3e4faf346b16c970eefcd090
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2776a54f648611b3ceec51b10a0aa2da009ab39677c95d27981d9bb5f3a4656
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc3a88652530dba7878c3108b92de83318da45ec1252c74ffb2be0d250ef9bfa
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28