sci-hub.wf Open in urlscan Pro
2606:4700:3037::6815:5d77 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sci-hub.wf/
Submission: On October 28 via manual (October 28th 2022, 9:52:21 am UTC) from ES — Scanned from ES

Summary HTTP 147 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 28 domains to perform 147 HTTP transactions. The main IP is 2606:4700:3037::6815:5d77, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.wf. The Cisco Umbrella rank of the primary domain is 749696.

This is the only time sci-hub.wf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:5d77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21 42	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 14	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2.18.232.236 2.18.232.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:d23d:5b09:c47c:a9ce	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
147	23

1 2606:4700:3037::6815:5d77 (United States)

ASN13335 (CLOUDFLARENET, US)

sci-hub.wf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:3033::ac43:a162 (United States) 21 redirects

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.236 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:d23d:5b09:c47c:a9ce (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	sci-hub.shop 21 redirects img.sci-hub.shop — Cisco Umbrella Rank: 369844	597 KB
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	433 KB
34	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 213	173 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	216 KB
8	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 71 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	235 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	5 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421	3 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 668	2 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9361	1 KB
3	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 644	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 436	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 638	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 745 r.turn.com — Cisco Umbrella Rank: 3221	869 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1474	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 338	973 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1413	485 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 544	632 B
2	google.es adservice.google.es — Cisco Umbrella Rank: 42821	914 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 846	75 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2754	104 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1563	297 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 869	694 B
1	sci-hub.wf sci-hub.wf — Cisco Umbrella Rank: 749696	7 KB
0	kitbit.net Failed kitbit.net Failed
0	pluso.ru Failed share.pluso.ru Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
147	28

	Domain	Requested by
42	img.sci-hub.shop	21 redirects sci-hub.wf
26	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	sci-hub.wf pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	cm.g.doubleclick.net	1 redirects sci-hub.wf googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
3	counter.yadro.ru	2 redirects
3	cms.quantserve.com	googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	c1.adform.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.es	pagead2.googlesyndication.com
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com	sci-hub.wf
1	ad.turn.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hub.wf
0	kitbit.net Failed	img.sci-hub.shop
0	share.pluso.ru Failed	img.sci-hub.shop
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
147	33

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.es GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh

This page contains 23 frames:

Primary Page: http://sci-hub.wf/
Frame ID: 9D6963CD52E692FC7EFE2C214E11B25E
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: E60898F018FC6E87F49CEDA4B8678437
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&adk=1812271804&adf=3025194257&lmt=1666950732&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsci-hub.wf%2F&ea=0&pra=5&wgl=1&dt=1666950732566&bpp=5&bdt=854&idt=369&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7996811240324&frm=20&pv=2&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=386
Frame ID: F848BCFBB5FFCC54F978D9D4E337D3E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&slotname=4246281558&adk=3471378199&adf=2987723014&pi=t.ma~as.4246281558&w=528&fwrn=4&fwrnh=100&lmt=1666950732&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666950732571&bpp=2&bdt=858&idt=387&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1QmnFoizPk&p=http%3A//sci-hub.wf&dtd=392
Frame ID: 7F8FD8AA54B0DD26A180B9D4F0B3A3F2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=840009040&adf=2385552667&pi=t.aa~a.2873812152~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280&nras=2&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=5791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jqMmSqS0bl&p=http%3A//sci-hub.wf&dtd=9
Frame ID: 9C5440C903F6EBC60D4CC87E21D285EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12
Frame ID: 81A14CE7833EB03FAE69EFF5F37FA08A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=1049116157&adf=2259083263&pi=t.aa~a.2054722437~rp.3&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2043&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280&nras=4&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MUiHMd6YbN&p=http%3A//sci-hub.wf&dtd=15
Frame ID: 6894ABF6952A64C7CB3561670035B1EB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=vmEke3jPxt&p=http%3A//sci-hub.wf&dtd=18
Frame ID: 641DB3D5004ED6DFEA560B35B5B1C12C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.3357258965~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=iR7C6GopUL&p=http%3A//sci-hub.wf&dtd=21
Frame ID: 6B78B7FF7DB5F31B67EB247E042FDF93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25
Frame ID: D089895B8C37FCA81FF0B4BE3968277B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 60B98D32B9F67A944FE71417A90F3A1F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A2F4244304DE1167407009736DD90A4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 152538E26390F9527859ABEDC4608E81
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A4BA288C60807DFADE1B60EE72E51C4B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 930CAAAEA8EBC05016215E232FABE18F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B626A9DB8B7C0571169F5D28E65196F3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FBBBE56A07B849B9CA9BF463763A601
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E4BF8B47EF69765F410948C5D1BC4BD1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 0B7B20796CD1AA10406A7A82BBC229FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: 91786FF329D406576D5B9A8F3A087418
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: DE6D061B6F0BDC956C11035C66D69913
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBAB250CD2E8578927214374762E28A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6794B95E5BE9F1360CB932A1B716942A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sci-Hub journal:latest sci-hub mirror links

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

147
Requests

72 %
HTTPS

57 %
IPv6

28
Domains

33
Subdomains

23
IPs

8
Countries

1657 kB
Transfer

3719 kB
Size

30
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://img.sci-hub.shop/scihub/jquery-3.1.1.min.js HTTP 301
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js

Request Chain 1

http://img.sci-hub.shop/scihub/jquery-ui.min.js HTTP 301
https://img.sci-hub.shop/scihub/jquery-ui.min.js

Request Chain 2

http://img.sci-hub.shop/scihub/openapi.js HTTP 301
https://img.sci-hub.shop/scihub/openapi.js

Request Chain 3

http://img.sci-hub.shop/scihub/medal.png HTTP 301
https://img.sci-hub.shop/scihub/medal.png

Request Chain 4

http://img.sci-hub.shop/scihub/key_1.png HTTP 301
https://img.sci-hub.shop/scihub/key_1.png

Request Chain 6

http://img.sci-hub.shop/scihub/top-back.jpg HTTP 301
https://img.sci-hub.shop/scihub/top-back.jpg

Request Chain 7

http://img.sci-hub.shop/scihub/logo_en.png HTTP 301
https://img.sci-hub.shop/scihub/logo_en.png

Request Chain 8

http://img.sci-hub.shop/scihub/raven_1.png HTTP 301
https://img.sci-hub.shop/scihub/raven_1.png

Request Chain 9

http://img.sci-hub.shop/scihub/map.jpg HTTP 301
https://img.sci-hub.shop/scihub/map.jpg

Request Chain 10

http://img.sci-hub.shop/scihub/about-marker_en.png HTTP 301
https://img.sci-hub.shop/scihub/about-marker_en.png

Request Chain 11

http://img.sci-hub.shop/scihub/quote.png HTTP 301
https://img.sci-hub.shop/scihub/quote.png

Request Chain 12

http://img.sci-hub.shop/scihub/quotenext_en.png HTTP 301
https://img.sci-hub.shop/scihub/quotenext_en.png

Request Chain 13

http://img.sci-hub.shop/scihub/pone.png HTTP 301
https://img.sci-hub.shop/scihub/pone.png

Request Chain 14

http://img.sci-hub.shop/scihub/ptwo.png HTTP 301
https://img.sci-hub.shop/scihub/ptwo.png

Request Chain 15

http://img.sci-hub.shop/scihub/pthree.png HTTP 301
https://img.sci-hub.shop/scihub/pthree.png

Request Chain 17

http://img.sci-hub.shop/scihub/people.jpg HTTP 301
https://img.sci-hub.shop/scihub/people.jpg

Request Chain 18

http://img.sci-hub.shop/scihub/join_en.png HTTP 301
https://img.sci-hub.shop/scihub/join_en.png

Request Chain 19

http://img.sci-hub.shop/scihub/joinvk.png HTTP 301
https://img.sci-hub.shop/scihub/joinvk.png

Request Chain 20

http://img.sci-hub.shop/scihub/jointwitter.png HTTP 301
https://img.sci-hub.shop/scihub/jointwitter.png

Request Chain 21

http://img.sci-hub.shop/scihub/joinfacebook.png HTTP 301
https://img.sci-hub.shop/scihub/joinfacebook.png

Request Chain 22

http://img.sci-hub.shop/scihub/pluso-like.js HTTP 301
https://img.sci-hub.shop/scihub/pluso-like.js

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9zBqHtTmfRRz1UKh_rzj774Sbouf1djEQruR7h6EB8ozhaluz6zy-S-9SxJODrJM8g039Y5kSduDSh5T4xEpEBmBFOJKANSTumYrkZJ4is_H-d-8kzh2Tr-9grRHQBIEI0SgnguZ2WG13uAiBAyew&google_gid=CAESEKBttKxCPVIU2y9NNhsG3nY&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCM7M7poGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVptUHhnOXpCcUh0VG1mUlJ6MVVLaF9yemo3NzRTYm91ZjFkakVRcnVSN2g2RUI4b3poYWx1ejZ6eS1TLTlTeEpPRHJKTThnMDM5WTVrU2R1RFNoNVQ0eEVwRUJtQkZPSktBTlNUdW1ZcmtaSjRpc19ILWQtOGt6aDJUci05Z3JSSFFCSUVJMFNnbmd1WjJXRzEzdUFpQkF5ZXc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDg5aXBBbjlsRkxELWlmTW5sTzR6c0owdFEzazZNYkxMTlJJMmI1Y3dCcw==&google_push

Request Chain 105

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKY6rBiL0AAKL0ThZoqZWp8&google_cver=1&google_push=AZmPxg-ckIpdIjs54kjdS9oPgvl3y7H6TmCs0PoQEhmtSgmAewBdtYn_21e7WOYUtR7Y_ar4V3eiwNyK5iH2hbeUL-e-tu8uV93KgkclawNHOoxj3Z4rfj5a_WWSiqIzZytGeGyCq1BjXoBOCqIH6VCPDrk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKY6rBiL0AAKL0ThZoqZWp8&google_cver=1&google_push=AZmPxg-ckIpdIjs54kjdS9oPgvl3y7H6TmCs0PoQEhmtSgmAewBdtYn_21e7WOYUtR7Y_ar4V3eiwNyK5iH2hbeUL-e-tu8uV93KgkclawNHOoxj3Z4rfj5a_WWSiqIzZytGeGyCq1BjXoBOCqIH6VCPDrk&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1dp_OMP0TlWBi7-iPQ9Hpw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-ckIpdIjs54kjdS9oPgvl3y7H6TmCs0PoQEhmtSgmAewBdtYn_21e7WOYUtR7Y_ar4V3eiwNyK5iH2hbeUL-e-tu8uV93KgkclawNHOoxj3Z4rfj5a_WWSiqIzZytGeGyCq1BjXoBOCqIH6VCPDrk

Request Chain 106

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB4ItZbFp7rwSCVmO_3JH0k&google_cver=1&google_push=AZmPxg9AIjchBzydJFCArPwZAOnO9bhZYcZBNBNE8UmRszL8kdy5my1ukpVsZlxCscmWQQYJKs_WmBVVMkbHYec3V_LtG7N1NHf_rv76nlo2a2uq_0390EpO8GF19_o8jCqiRJkEjAnymBJ1kaWO4qvkAmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMVotVk9G&google_push=AZmPxg9AIjchBzydJFCArPwZAOnO9bhZYcZBNBNE8UmRszL8kdy5my1ukpVsZlxCscmWQQYJKs_WmBVVMkbHYec3V_LtG7N1NHf_rv76nlo2a2uq_0390EpO8GF19_o8jCqiRJkEjAnymBJ1kaWO4qvkAmA

Request Chain 107

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_cver=1&google_push=AZmPxg_ne-pEoZl4x9UIsQY3og_8JkXJbMH-JTx_BQDjlTg4c0lhIHiIim7QPALASbuTuf1ZuJrUnta-l8kFhnAQJsRUM4OkH8Hc11tOXyBLI-wbI1_JNpQ2q_tfI2QRkgKSnoYqMDSeYJI8JUKJQo3Jfg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_push=AZmPxg_ne-pEoZl4x9UIsQY3og_8JkXJbMH-JTx_BQDjlTg4c0lhIHiIim7QPALASbuTuf1ZuJrUnta-l8kFhnAQJsRUM4OkH8Hc11tOXyBLI-wbI1_JNpQ2q_tfI2QRkgKSnoYqMDSeYJI8JUKJQo3Jfg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg_ne-pEoZl4x9UIsQY3og_8JkXJbMH-JTx_BQDjlTg4c0lhIHiIim7QPALASbuTuf1ZuJrUnta-l8kFhnAQJsRUM4OkH8Hc11tOXyBLI-wbI1_JNpQ2q_tfI2QRkgKSnoYqMDSeYJI8JUKJQo3Jfg

Request Chain 111

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_F0skFKriktyQlUj6jUbhat0U8OaJMb0cEV-Nnr9vB0NtpWTy_SN71BwAFWwdZVLqyq0PIDfIL4GL9pdgZ6pDNaaXvpxa7&google_gid=CAESEDxbattuFB5bQ8ONHzH_7ag&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_F0skFKriktyQlUj6jUbhat0U8OaJMb0cEV-Nnr9vB0NtpWTy_SN71BwAFWwdZVLqyq0PIDfIL4GL9pdgZ6pDNaaXvpxa7&google_gid=CAESEDxbattuFB5bQ8ONHzH_7ag&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwOTUyMTUwMDAxMDU3MzY1ODAzMA%3D%3D&google_push=AZmPxg_F0skFKriktyQlUj6jUbhat0U8OaJMb0cEV-Nnr9vB0NtpWTy_SN71BwAFWwdZVLqyq0PIDfIL4GL9pdgZ6pDNaaXvpxa7

Request Chain 113

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKe9_stMNKIpGMcn4Ycn9G4&google_cver=1&google_push=AZmPxg_juZ7P1rbcXZIhQ8t4kyBDW82D1eeu8tPpiuLxeS8DlR2HuehEYkpcB5-TFXJt-OEN4YK-bEkVKgSIL5W9g3ooflAevJrE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKe9_stMNKIpGMcn4Ycn9G4&google_cver=1&google_push=AZmPxg_juZ7P1rbcXZIhQ8t4kyBDW82D1eeu8tPpiuLxeS8DlR2HuehEYkpcB5-TFXJt-OEN4YK-bEkVKgSIL5W9g3ooflAevJrE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7L_xg4M0QnqA_Xk27P07TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_juZ7P1rbcXZIhQ8t4kyBDW82D1eeu8tPpiuLxeS8DlR2HuehEYkpcB5-TFXJt-OEN4YK-bEkVKgSIL5W9g3ooflAevJrE

Request Chain 114

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECyJczOCVBeaCJxusEZsPdA&google_cver=1&google_push=AZmPxg9pHpg9RIH9Qo0WIfiCY5bziDzrF6vs3M9orH8hDh74XI6c7nDrCXhVdpaInDUtfgK67UlKEZgGcnAWE3oK_ipC4NY9lTKk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMTktNkYxNg==&google_push=AZmPxg9pHpg9RIH9Qo0WIfiCY5bziDzrF6vs3M9orH8hDh74XI6c7nDrCXhVdpaInDUtfgK67UlKEZgGcnAWE3oK_ipC4NY9lTKk

Request Chain 115

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_cver=1&google_push=AZmPxg9IU7S1xXJU9AvQVOcn4eRQHe2xOribuTAtvdRmAC3xFRwEv7w8YRO1Re7n51AYUtqblOPht4v427Z4CnmawVfFsNUQ4Zrc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_push=AZmPxg9IU7S1xXJU9AvQVOcn4eRQHe2xOribuTAtvdRmAC3xFRwEv7w8YRO1Re7n51AYUtqblOPht4v427Z4CnmawVfFsNUQ4Zrc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg9IU7S1xXJU9AvQVOcn4eRQHe2xOribuTAtvdRmAC3xFRwEv7w8YRO1Re7n51AYUtqblOPht4v427Z4CnmawVfFsNUQ4Zrc

Request Chain 120

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOjQBSNwbiO3wWje1rxndDs&google_cver=1&google_push=AZmPxg9QIsaE3Vm-i4fQDfQrOry9Ax8ucX905HzaDAzgVeJcl-asqzT4n17RNmZuEP7yjpn68L7KcNPAtgPEIzoKD0qWeX0rJdg1bho HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYxNzcwNTg5NTcxNjk5MjM0Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOjQBSNwbiO3wWje1rxndDs&google_cver=1

Request Chain 124

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC-uy7pdRV2WcEwFg9IpXb0&google_cver=1&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DYrQYDU1uSEr_u9g_xeOzonhRFCdGg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC-uy7pdRV2WcEwFg9IpXb0&google_cver=1&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DYrQYDU1uSEr_u9g_xeOzonhRFCdGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ0MDEwNTgzNzc1ODIwODQwMA&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DYrQYDU1uSEr_u9g_xeOzonhRFCdGg

Request Chain 126

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELZ87JgQFDUjiDD5gH4URwU&google_cver=1&google_push=AZmPxg-EI9XHtfsG8drVsL5DrsFSD4Gz3E6wN-TN172rtaub2JpmgRw7DnbhhGpSVP4rwktU7JZP4mlYteNbIfaZ70vYMHaDUwHHh1Hb HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELZ87JgQFDUjiDD5gH4URwU%26google_cver%3D1%26google_push%3DAZmPxg-EI9XHtfsG8drVsL5DrsFSD4Gz3E6wN-TN172rtaub2JpmgRw7DnbhhGpSVP4rwktU7JZP4mlYteNbIfaZ70vYMHaDUwHHh1Hb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjkyNTYyMDgwMjE5NzQxODc1Nw%3D%3D&google_gid=CAESELZ87JgQFDUjiDD5gH4URwU&google_cver=1&google_push=AZmPxg-EI9XHtfsG8drVsL5DrsFSD4Gz3E6wN-TN172rtaub2JpmgRw7DnbhhGpSVP4rwktU7JZP4mlYteNbIfaZ70vYMHaDUwHHh1Hb

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

http://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1

147 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sci-hub.wf/ 27 KB
7 KB 524ms
241ms Document
text/html 2606:4700:3037::6815:5d77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://sci-hub.wf/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:5d77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d5261b1110f78d5e07eac1be4f0f09eae9520a5845f16f12d70b6083c27758

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7612c6f7c988f14c-CDG
Cache-Control: max-age=43200 no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Oct 2022 09:52:11 GMT
Expires: Fri, 28 Oct 2022 21:52:11 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMQ%2FDvy6CVZZY4GAq0w3u1JqzoQ6rHoGEwJMgEaC0I2rzN0Jnnz%2BMC9FWKOuWItJRdLQ0CzPtxzVHx4AFlrkSfOfa9SDu9q7pzHJRz%2F%2BCoxm3kr3D3L86DeJlfoBmW7PAonHM1YiaJ%2BW"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Cache: MISS MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js

85 KB
31 KB

119ms
46ms

Script
application/javascript

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176984
etag: W/"5c00bb7c-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x35nPUl33npu7TAYySaoBCqUo4JzWQ07dPvT9xcHjDNIP4%2BHqi%2BWoh8X3b5DWnd4hbJBFhkLb2tcHAvEHPUBX1zX%2BiEVECaaQ5DTvGnJey2S6wJa7LkrpnI97bPJCsbp8fDMMn0zZdbRvAhW9ruy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7612c6fb7d75867a-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:11 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiaoTGD3wQ1laY9td7nrmPT4GIouDljJzlBWx5fl8pI6mbYmLHONW7ZuJxXqI2eifr08tXPPPIu%2FYw3qOiBQQ9XZXv8krtZm8ZzLgrpggvwoz8dPvQXoWUmoPCvnscnUCDJtnZg0vcOustwV1src"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fabe0965fa-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:11 GMT

GET
H2

200

jquery-ui.min.js Show response
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/jquery-ui.min.js
https://img.sci-hub.shop/scihub/jquery-ui.min.js

248 KB
68 KB

74ms
53ms

Script
application/javascript

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2155777
etag: W/"5c13665c-3dee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0EnxIVkhV%2BTfmMtOeypmDsYcUzlmc7LDZ%2FmQ0f5haWfuziV6EoXr0dStswPY0EG5ZZvvxXlDGc7XNcQAWcVcN2Xv%2FLKDheyaGdoikklvmgYB5a2r%2F9fMElAvaTqp0RhXm9LWW4uatqUckOAUSAJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7612c6fb8d7a867a-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzsNrm79nCG0nOdF2Fu%2B3uJra88uXFZYXUswusLABWR9ggPXa4xatl4JLLs334cD72Yr7FznvF7HNJpmsju2TSpgox7Y5Gp8G23zX5kI%2FeQZc3bzUMMtGOy1SiI7LaYmbQ8%2B6oEDqk0yXzOzCWjE"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6faee1175c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

openapi.js Show response
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/openapi.js
https://img.sci-hub.shop/scihub/openapi.js

94 KB
23 KB

121ms
86ms

Script
application/javascript

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176984
etag: W/"5c00bb8c-1798d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOBGaoUF9Pp7C0MnbyEvMTLsbIvnnz1pvcKSqsVNUhkQ9C0jNQhOy2rplMO5cAiFF5%2BXzVlgI3H5ozzhoYd82U0NCK9XWtwByMJ7mRSXIYGPqJyjEm%2BdEcLBUqjEOfisHd5xh6b%2FfB0bIAo1in6g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7612c6fb8d78867a-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:11 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpPIIu%2BE7AGbl%2BGpMeNhAMhDfIxjPbWG5TU%2F3vdU8GR0gZsl5MlhlStLZh5oBsgei6IV2EEF3G6aywg828%2B8CZhuQiuvv2yJW95WJrkx9XMrQFq0IHmchc7LXm1SiGwy512pfo4mRTEMel8RUikC"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/openapi.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6faeda7f13c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:11 GMT

GET
H2

200

medal.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/medal.png
https://img.sci-hub.shop/scihub/medal.png

22 KB
22 KB

51ms
51ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181628
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oDRztUXVi%2FRYslZ79MMrsj%2FAikFOkZ8XPzDs%2Fn%2BPm%2FIKRWUQswMpCL8r7YIIxwL0LZ5psdpSZhI%2FPeK88%2FZ3l%2B8DhfV%2FUk56JHLeR20WwvidGa5rjSHailbIpx5ZWaNLx0JCKwGjS49LDlTz5Rz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fc8807867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BB6uUIqgz7%2BNmb7ImWxUIWWX6TOtmq4HhI08kc8iyqwaPgDBb0Gp1ybb4kVkmdsPNZPT0%2BNXf%2BHA83wTboy3Fzu7JnqQP9unocEbnlXTph15SVEhlkvHBNyEiIeSu6WgIVhjqdXZLrfg7F5bLZw"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/medal.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fc384075c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

key_1.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/key_1.png
https://img.sci-hub.shop/scihub/key_1.png

8 KB
9 KB

47ms
47ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181628
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rW2Xz4rXQtniwF2Ol7vGxk6GU9fgPXMy6l3hZEDyzjgoxu9mhFljZwh1604DFzzsAc4BBCEwgFK9U80B42A1mvslSo6KuIQyzIz2sFrhgXsc%2FC8uDtPLaYkpO7D3Hnr%2FbM4mr1xLR4FxhU%2Fx5Fd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fc880c867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VcinxZGqLKOwrA4KoLoj1DKC9laJDoSg2%2BvP1%2FL3aeml1QOl4w474Ju93d5V29x7NmeLAGOzWCm8ShV5G54EBGDBptqf0fwShRf4rtP9pfO2TYCH1udODCD1EvL3r9E7%2FJVk0SdPbzyVj0vlR5F"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/key_1.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fc3808f13c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 229ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7696326278603752

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b36fd915c1aa37c9e8c156727be8715a3f88a80307ce6aa7d272602f944014f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Origin: http://sci-hub.wf
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55155
x-xss-protection: 0
server: cafe
etag: 7408981518601271175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 09:52:12 GMT

GET
H2

200

top-back.jpg
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/top-back.jpg
https://img.sci-hub.shop/scihub/top-back.jpg

184 KB
185 KB

64ms
63ms

Image
image/jpeg

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuswF3DqYdxb5FmH8%2F8v0jlfHnMEfTgyKkZL6jk4%2BFCfzJGlozImG9jDauy7k0JLTXLOgcakNlY49Lf%2FWn4kKOtFYneP%2B8nxC9YhBb4SHpyHVGSWUZrSCeaFQVEscxoqSUYnoszqoh8ZtBNnBQJK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fc880f867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8x%2BpRSWFcgSiQ4QoxmTx1JswRiifECxVlahtPSKaanTIFsIex9fEnmxM4rHrkCk4UxkZd%2FmGHGh36dod9wq8W9nmZJGFGWvgunvVThPi0CtBxc7eay7FEo3MYtPwV6PFR9epvKuwBCXKESv7brV"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/top-back.jpg
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fc5a6d65fa-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

logo_en.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/logo_en.png
https://img.sci-hub.shop/scihub/logo_en.png

14 KB
15 KB

44ms
44ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEL4TCY%2FfOiFazvBPbo5m79Bjp40LMqoN6KW54Q88vRI1qaxSqtZczyZh9GqbqCqT3%2F4i8u7kqYCaUFA1g9kbNd3TCvae0yCABXsbWfWjuZwH374sPbUqDI9CTK5QeeSnA521bEW3dK7ZEfr%2F1uz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fcc89d867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meXOQFwhf4tTwhTiYGQBUVWSAzVCd%2FMJv3kY816SfZthMSoQnapXD4kRuQYzrK5VZo6yD46c5HVivFvBvCoLScnuyfcXMGR2mpJEl9eQnx0qXLVCUb1qwz7pSolDPREFKk4aEcPq2kaK%2Bp0zBKWu"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/logo_en.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fc8fec867a-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

raven_1.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/raven_1.png
https://img.sci-hub.shop/scihub/raven_1.png

59 KB
59 KB

39ms
39ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9j2KOrcyfmO1arBMs3vNR8AGTAgLmAQS40xNujTPGWmk2Ct5DE5uagxjJnVkGgQ0vsJ%2FriBC%2B2%2BwdZRZTqBYsGWM%2Bw1%2FkuZHAd6z2%2BCbLMfOc86o8GAZCwce4iWAgs8rsI0LSNM9XZnI6ZAGXc0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fce8f7867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpDpTFiJEMknwQD3cfPxJkpgDn0pREbcgDIpgU9V7AQpwQ%2BM%2BOfu%2FiloUhitUNJIBncTwuywoMWaDZ4PWwN6r4yw%2F7fmi5YX1GKnCPrSeQMDVuJZZZIh8z89tX%2BOdtFOyymABnuZ59YnThdlMc6J"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/raven_1.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fc98ea75c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

map.jpg
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/map.jpg
https://img.sci-hub.shop/scihub/map.jpg

54 KB
55 KB

49ms
49ms

Image
image/jpeg

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KmIbZv05jmoF8xhcpR8fGGX5dPdFzGUby11N13deySBC1bKubTrFaXd%2FJsekcQdZecgZlnd0xLWt9pIkIham3m3SASLRQPMJf0FJNTBWtSPx%2BHUx3nI0DwSolW%2BUMHr1z01km7BBJgeIIghuiVw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fce8ff867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZHYbDPO%2BrYS%2BTjW%2FftB%2BEl5bAxtpNTor3c53X28pfKhKr4N15Bjy6uypBB2%2FUcLtWuS1wsoQ6wTh%2BoNnbr0xbWQDS4vdf2119bbL9uqOy8jBUR1Q42BVevZoA2R%2FFhlhIemyIwmIVwacGXSmAS0"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/map.jpg
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fc98a6f13c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

about-marker_en.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/about-marker_en.png
https://img.sci-hub.shop/scihub/about-marker_en.png

3 KB
4 KB

52ms
51ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyZSSsTx%2BRiJQz0Bymimj%2BJ64LG32Qkt74RMaJ7rEQewjQ0a4qiS1%2FhRZrwEJIV96ydp0zpuIGpcwrYCmWx6PwqLzwgYCt%2BhNZqrVUeeJkxeWxsw%2F5T8uuBAeivb53MyYkOnd9eKJT3cPYdjGRlZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fd6a50867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G552xiPe8HK%2Bpx5SN4tmiKL1z%2FoN74W09YgqZY5KVqAD%2BqQZ90cow66OsWZ2XnQASGX2NKHpAp%2FTPNFNyT%2BVZfAgQCWFJ%2FDG%2FttEDkOysZMAhNcm%2FTU7yFDc%2BlIZBEPxG9IAxJC%2BrKOeqxcVbS91"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/about-marker_en.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fce8db867a-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

quote.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/quote.png
https://img.sci-hub.shop/scihub/quote.png

1 KB
1 KB

48ms
48ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F1pznIHXePvG80VNfuTF33NzVApYt3nYigLnmuHXTEOGtYCzM6Ig7b35g0AZyUTVo86M8T1E5LGtQHSX62yBAQG%2FypGq%2Fa4MVNVH9hcV0HQ6O17csviDwTRMWmD1oKRoqacgoWIE3Ln5USGu66u"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fd6a58867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqhZFRG6yWMSsXYde5XYpEe4jBSYlFg3Zx1%2BbEzb1VMp44%2BrYIY4PxeDvMj7I9CBaC6DUZL6SAZ%2BUDxKXrJSKV9WmSUeAIZHxaJ68avKtQ4p7FLhhe0VPAEUqhhM69L0qOhRYKIAw8A6hKtSk2YG"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/quote.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fcf976f13c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

quotenext_en.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/quotenext_en.png
https://img.sci-hub.shop/scihub/quotenext_en.png

1 KB
1 KB

39ms
39ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZgkXelwLi7zripB2RstayaaglYjVKyJLY0xQXorjcIuiaoDwEIak0ouGhXH5iiuZEIUzE88UND3JAF2sSHKfgm2rqu77jDgueGYHZ68u0Wa%2Fd%2Fkll65lzkiqLH%2F4xRZR5g8f7fBeOeUfYmw6cKW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fdaada867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITIg8W%2F9q1A1p25lZ149SyCDzTvkAbyYsxDoUso0y2XfGtnJMsvyo57Fyb3RmSFB0Up3fNeH%2BhrHlO%2F1PI8za75nupX2DlVMaLJFTPA9mfWk%2BwlcE7GBB3e9gQHLsXP4CUEpy1oekyrK6W%2F7QLIY"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/quotenext_en.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fd19e375c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

pone.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/pone.png
https://img.sci-hub.shop/scihub/pone.png

2 KB
2 KB

42ms
42ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSvnPw1D2g9VuSingmpKIrlP3BaKQwzj%2Bcsn2xnuv0svmEc6RNovmcigzbqbeiSVNqvF%2FrEf7p3iSP2wl2y8Bg8qjfGlH2RysubLve2z3qcoCoM01NWab4sAKLFbulcvPlCJWiWkTBVvlvaWfrdw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fd6a56867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7raqDNDDjSbqbNIIhRZHTyOh0n4fmyxw4y7kAbWxl0BHzaTlmX5M6MZrICUwN%2FXjHagBpq21oHIm6KALXOp9L1NSr2upJ2Z5CdIzD71E1HBuqxV1fNLTXdZD1RqYSsv79NV3Cyl05Z%2FnVugvRJ3J"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/pone.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fd0c4f65fa-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

ptwo.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/ptwo.png
https://img.sci-hub.shop/scihub/ptwo.png

4 KB
4 KB

43ms
43ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5UDYnL0gy%2FStkN0f43hGjuTBUXWniCv0avjB%2Bl5mJO1uXNWlUjCJ%2F6hItC0EsBiQylNNcLmWDtDgC2fwipKV4hYr2UZ3OGsRLxSvmb5spNr9ANuOu4dV3Yitzgq5WaIInG3Qyl6eop%2FuQU86fuQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fd6a59867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwLTJesvSUiix%2BvwvPG2Iez0Vgy9nT6jH%2FGVhpXUseuvglnRW23iKygXk1wKWq9w%2FyvS5PexIt%2FmFxK9mKcYpqduEJniUlWl1KQGPzIH8xHq0ZUNGxyG37wZM2hBTmfSAIYpaEfvtQx%2FOZ8gIfKF"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/ptwo.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fd299c867a-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H2

200

pthree.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/pthree.png
https://img.sci-hub.shop/scihub/pthree.png

4 KB
5 KB

43ms
43ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 179510
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMUhODr8gf1Eo%2Bh8J52IJuqKmOxDV7yrrZe4oVQ2Ss6UfIhYgxoAN5m%2FqGn8VoGdkU61unl9k7FVzZnyAcu06nOAg8jt0xan55UgCCQGXK9mtzkGAi%2BfX%2FUb4mYHHyI6qYJpgO9H%2FEmRtKQjNfvc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fdaae0867a-MAD
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIEJKx%2B79xBW4skYZwHPCnV6qPPom8SdbZEpE%2FiFymafFc0Hv2r4qCDfWrzk8GTDGdXJ72Uazp2Rw2fFYEEb82Kk3NuKmjR1Xl549SHFb2z8OkZTjNvBlQFNXOXwHg7h2IqHu51BfQOmUfEW4QZI"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/pthree.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fd4b5bf104-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3

200

people.jpg
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/people.jpg
https://img.sci-hub.shop/scihub/people.jpg

50 KB
51 KB

396ms
395ms

Image
image/jpeg

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H3
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2008241
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvDVGfHX9%2BH14Fnt9GOUWlZ9GTOnHea7szTbmliJCt0B9vztM7HslQv7uj%2BxkKJI649n9NGDRyOqTFmsH94gYsnOm9OefPB2QAMmCl2R6R6oLiHyyNOduGXhogO22OD969rtss2rYnSaaI5ynbTq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fe2ae4d099-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ni3RaDHo2faHzlLNEk2t616KGMMgdoXH1gCWcVT1v2oxH8eTSWTN8M6RWWX0Vd04cIkIysqpzaCdg9jL%2F%2B8u6MwCrxzehMp8%2FL9xPJ2lXfKmSaINRMY6Ku6SwOJFduaOs8Dl8RG3%2BfctRfot3JTL"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/people.jpg
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fdbc21f104-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H3

200

join_en.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/join_en.png
https://img.sci-hub.shop/scihub/join_en.png

6 KB
7 KB

291ms
291ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H3
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2008240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gulvBr%2FvefzabVVIh0fW%2BoLtWvq2f6JfNy7RzXPnsPVM4tpB8k2Pdkos9PqOZqLTvXF0s6I8vA2916QXau2nR%2B9GrtUU4sA9vHHPcPKiyF3eXoD96T0SUTveS9kIJXddwZUC3RoRsRhw6Psu7q1A"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fe2ae0d099-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyA2kdpAQ0LdO4ysebvPjbC636LWMye7LuVoNVzOBFAp2LfTmoBFScPtjJuVgLtqa4oNr9MGHw6q%2FS4rVopbfxlD%2F0QRAh%2FsXyBs7fIAOl1995Ys%2BORA3knhkfkhSPV5614xyAF6SWtRaA7Ifsrn"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/join_en.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fdcadc75c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H3

200

joinvk.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/joinvk.png
https://img.sci-hub.shop/scihub/joinvk.png

17 KB
18 KB

81ms
80ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H3
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2008240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdwle%2B2S2%2F2hNguMfgQ81GU2J4vksxQvWlE0XvE7gG9hhBAr0s9cAcAVFKnCRDlWIKZdQa7apFQA4CVyGwlBCplFYdJgT178ptOXu9PC3%2FAuHOZk74Wd4Ym1Wkc3EfqCl5W9lB59DAjOlXxQr9Ru"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fe0ac3d099-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlDlEuANdpynn4%2BSGRpYUJJx%2BQYOtsyUyawoFjk7hhEtTdTZ5YpUeVm3zxdCzGKEgS9OAUG%2FhRWNA8WH2ibwoSYRW9j6eR%2FulsqFFuo0A4zIYvywSGg4iU5q6ZNgc3wxH5ipApCJatbOQDTXDtu%2B"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/joinvk.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fdbb0e867a-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H3

200

jointwitter.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/jointwitter.png
https://img.sci-hub.shop/scihub/jointwitter.png

6 KB
6 KB

3329ms
3328ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H3
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2008240
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1nvBL8xVV%2FZSAPy66Jn2hTdNIffHiOuz7aYTKrPziw1AYgdQI2vTkHWPrPSq%2BF4yiJSmsHevg5S8ZsjwyoBvzOpYuKIOp0r1o4F3XcRIJ7JW8%2BBAb5BBUcJAptGMXBBGKRTUxzlYKQUf0qb7Xp9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fe2aeed099-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJzp%2FSlv%2FOnHzQxqcHLk%2BrMrei23MA0gpmLmOAopbkd9IsktPxfO5%2BNiaoBYBlTggL2zuk1FY0zMiLEPbzcilVzKFGx1VFe%2BAUJ58HN%2BKHh51Xzj%2BU15P45WbZbpjZGuudzO8kCiIwxnU4PfNtsp"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/jointwitter.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fdcaeff13c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H3

200

joinfacebook.png
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/joinfacebook.png
https://img.sci-hub.shop/scihub/joinfacebook.png

4 KB
5 KB

3705ms
3704ms

Image
image/png

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H3
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2008239
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvNNdavaO3KSze1UbZRV3XQTO5rFDWSP4bN5TIAQH%2FQJNXTR3xNLoNBSPUxhGntQlKrH88vh9RFX6oR2qGvkkV0tAnsnCwuVYpLl3wjqNuT88MxUHjNwxP084sU2Jmn2mR0nbHYmljMDNCOZz%2FH5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7612c6fe3b00d099-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sa4IvYAwec3gvOuCfijErplFUQQMJobWIkWoEc2E0KRsZ9DMM7fdzXbnjzQsUmkti8FL3Fei4Efa853dnI4ouKHv%2F2zJE8KtyVCIK%2BtDC4NKnMwiPTdUWt99E1WEkvyqIEACBLwdGhx2mfguoxTG"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/joinfacebook.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fdeef765fa-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H3

200

pluso-like.js Show response
img.sci-hub.shop/scihub/
Redirect Chain

http://img.sci-hub.shop/scihub/pluso-like.js
https://img.sci-hub.shop/scihub/pluso-like.js

41 KB
13 KB

4435ms
4433ms

Script
application/javascript

2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H3
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2008239
etag: W/"5c00bef8-a5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Vt4aYLR9C%2FPcezSt7x3iMrL5OGNLqb54a2gEgdZyKtocp3c0Bqf6yFnkQT43yoZeJkX1VfuRehhei88OUqOb3W2NLGiwKn5viYHG8qhLDvHE0gI72%2F6liAYggvLtt91PbiRHFV71MOPKNv9wQqN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7612c7001ccdd099-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Fri, 28 Oct 2022 09:52:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpQ9diCCBBfZgHNjh55dTfjm3e7J3vwFTZYz%2ByDUvSuUiXz6BW%2FQjeFHQOZ%2B3FT0XRdqdqgsOBESNrS70x64u7D%2BjSVtCBhwLQtXv13GMJ4CJoUDy1OvCE9p5HEE31aB770%2BrmGzpZycp%2BCif0Fv"}],"group":"cf-nel","max_age":604800}
Location: https://img.sci-hub.shop/scihub/pluso-like.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7612c6fe09b375bf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Fri, 28 Oct 2022 10:52:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 353 KB
116 KB 225ms
98ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7696326278603752&plah=sci-hub.wf&bust=31070540

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7696326278603752

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cd5b353bd0cde985ac4d6f148c9458243fec04418cbae5bfda79e0322276931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118887
x-xss-protection: 0
server: cafe
etag: 16407923211428645163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 09:52:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame E608 10 KB
5 KB 194ms
59ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7696326278603752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 8508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 07:30:24 GMT
etag: 9671129459699598864
expires: Fri, 11 Nov 2022 07:30:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 238ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.wf&callback=_gfp_s_&client=ca-pub-7696326278603752&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7696326278603752&plah=sci-hub.wf&bust=31070540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ce3abf632b319efe1496dd0ae1fcc4500d323957eb46ce0061483b64d820316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
792 B 253ms
87ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=sci-hub.wf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 231ms
86ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.wf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 103ms
103ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fsci-hub.wf%2F&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F848 131 KB
39 KB 719ms
571ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&adk=1812271804&adf=3025194257&lmt=1666950732&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsci-hub.wf%2F&ea=0&pra=5&wgl=1&dt=1666950732566&bpp=5&bdt=854&idt=369&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7996811240324&frm=20&pv=2&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=386

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95924cbeb84d586649fbfebce3a54b9f08039323b19539d8d3eac7e40bf9f8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 40157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:13 GMT
expires: Fri, 28 Oct 2022 09:52:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F8F 65 KB
21 KB 1366ms
1228ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&slotname=4246281558&adk=3471378199&adf=2987723014&pi=t.ma~as.4246281558&w=528&fwrn=4&fwrnh=100&lmt=1666950732&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666950732571&bpp=2&bdt=858&idt=387&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1QmnFoizPk&p=http%3A//sci-hub.wf&dtd=392

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a38ef201f0556be680aa14176513963db28469ae791b5c2fd75e84cab2fdca47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21148
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ 151 KB
51 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/reactive_library_fy2021.js?bust=31070540

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1b3ef54a356d12cb9dd57ac88476cc9602730125b54dfc9b49d52e5a97b52e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52397
x-xss-protection: 0
server: cafe
etag: 5571003971817068024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 09:52:13 GMT

GET
H3 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
122 B 197ms
67ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=sci-hub.wf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 195ms
67ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.wf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C54 430 B
229 B 425ms
424ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=840009040&adf=2385552667&pi=t.aa~a.2873812152~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280&nras=2&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=5791&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=jqMmSqS0bl&p=http%3A//sci-hub.wf&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afb6283a60b1ff0fe94db14cdce189002d75fcd49ea539161abb4a40968d516e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81A1 95 KB
35 KB 457ms
456ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

155d781771f72d944622119f838f4533e7bb5be98e6c38b01f595c3f1a365197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6894 87 KB
32 KB 448ms
448ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=1049116157&adf=2259083263&pi=t.aa~a.2054722437~rp.3&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2043&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280&nras=4&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MUiHMd6YbN&p=http%3A//sci-hub.wf&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2306c0c625ddc6737c607b01910d05dcf2e2036fe3fe00d2882196bcaaa5df30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32963
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 641D 430 B
231 B 472ms
472ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=vmEke3jPxt&p=http%3A//sci-hub.wf&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3938d65a77ce9f2adc3c33a5cbe3200cd6fdef635eac93d3739f1dcd2eb2306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B78 430 B
231 B 407ms
406ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.3357258965~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=iR7C6GopUL&p=http%3A//sci-hub.wf&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

447e3b53f981c174f7f696ff1657e745e86ada5442dde6231bdfe0ada301dbc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D089 100 KB
34 KB 482ms
482ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b4bc09c0d39c4c6df75ba5b32e8456f9aea981cc64edac6d45f041050a9a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34623
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame 60B9 10 KB
4 KB 63ms
62ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 53115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 19:06:58 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 19:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 60B9 9 KB
4 KB 238ms
84ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H2 200 40f44225e0a1c31e628c89e0882e5f2b.js Show response
www.gstatic.com/mysidia/ Frame 60B9 10 KB
4 KB 241ms
88ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4273
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 02:15:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 60B9 8 KB
1 KB 232ms
80ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 09:09:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 60B9 2 KB
847 B 241ms
90ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 60B9 23 KB
10 KB 223ms
73ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 07:39:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 60B9 3 KB
1 KB 242ms
91ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 08:25:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 60B9 17 KB
7 KB 229ms
79ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60B9 153 KB
48 KB 243ms
89ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 60B9 33 KB
14 KB 221ms
71ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6894 6 KB
672 B 199ms
73ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=1049116157&adf=2259083263&pi=t.aa~a.2054722437~rp.3&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2043&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280&nras=4&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MUiHMd6YbN&p=http%3A//sci-hub.wf&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 09:02:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6894 2 KB
765 B 291ms
167ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6894 0
0 107ms
106ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM455TaZbY5uWNY-nhAWv4Z7oDpz10tpsur-Wj-QQ2tkeEAEgv7n7JGDVtdcCoAHNx4DzAsgBCagDAcgDywSqBNwBT9Biz2aaANgL9kETNtN_LWfr4JqZq35iuvmXZJlbt5s-hb2lWu_GRdazAWefVkaFlJqQvLjqAPSvzVAiv-t-Gw7qOmZtKawD5qliuBcUoLEX8l9NLM41yexmzyNp2ZCkodbVOfF5pMpLg_c9oop_XtG5n7YLRL-9Jz-ZfDPFPRFIsBsS7nnhit43ZnADgbj3kBBfxJEE3liuWUjwU6CZ7oDE3pj3JbveuI8etlNS74UH4t8lvE8gCMgxtBnu7qnJVVwchujVyap-tSAxj8dX4S1dCUMCB94xBYz7VsAEzaOy-44EkgUECAQYAZIFBAgFGASgBi6AB5u4_4wBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQkDXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzY5NjMyNjI3ODYwMzc1MhgA&sigh=k_kZIYpEyf8&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=1049116157&adf=2259083263&pi=t.aa~a.2054722437~rp.3&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2043&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280&nras=4&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MUiHMd6YbN&p=http%3A//sci-hub.wf&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 09:52:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 84c8dfa227218a7b436003265dc6c69e.js Show response
www.gstatic.com/mysidia/ Frame 81A1 9 KB
4 KB 188ms
64ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84c8dfa227218a7b436003265dc6c69e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 17:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4170
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 17:49:09 GMT

GET
H3 200 40f44225e0a1c31e628c89e0882e5f2b.js Show response
www.gstatic.com/mysidia/ Frame 81A1 10 KB
4 KB 189ms
66ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/40f44225e0a1c31e628c89e0882e5f2b.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4273
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 02:15:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 81A1 8 KB
895 B 173ms
72ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 09:04:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 81A1 2 KB
765 B 73ms
72ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 81A1 23 KB
9 KB 157ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 07:39:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 81A1 3 KB
1 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 08:25:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 81A1 17 KB
7 KB 159ms
61ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 81A1 0
0 87ms
73ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4UdOJ62N_7NfAnbWclAX16WYgiHP0HNOlB8g3F37kSTPcgboiSbdzyWVdkXgrPe6fbtWLfaqCfh9lcHmXJZOVdTP5mQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81A1 153 KB
47 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 81A1 33 KB
14 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11013641689704271157/ Frame 6894 13 KB
13 KB 216ms
119ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11013641689704271157/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5736301424fb5bf6f76840e389cdd34cca45955df4c6cd84da2e86e8e5f5e3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:27:52 GMT
x-content-type-options: nosniff
age: 177862
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12969
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 16:21:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Oct 2023 08:27:52 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17845627794297409286/ Frame 6894 2 KB
2 KB 234ms
137ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17845627794297409286/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60983a652a2e085e33149a89dbab339929a4944dd276e326e5da96ccc204a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 08:17:44 GMT
x-content-type-options: nosniff
age: 351270
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1586
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:25:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 08:17:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 6894 23 KB
9 KB 152ms
71ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 07:39:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6894 3 KB
1 KB 249ms
168ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 08:25:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6894 17 KB
7 KB 239ms
159ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6894 153 KB
47 KB 305ms
181ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 6894 33 KB
14 KB 185ms
80ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A2F 143 B
166 B 61ms
61ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 2212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D089 8 KB
895 B 133ms
70ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 09:20:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D089 2 KB
765 B 229ms
169ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame D089 23 KB
9 KB 151ms
91ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 07:39:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D089 3 KB
1 KB 189ms
169ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 08:25:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D089 17 KB
7 KB 165ms
105ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D089 0
0 214ms
74ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPK2kXgBoKrOQM24e_V2xU9STCFQrTuecPOmliBhjVHbmXAzFk7RNp8b4WJir2PhTa_wNeVZsAJRaPQNT5oW0rIQ6wcw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D089 153 KB
47 KB 261ms
197ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame D089 33 KB
14 KB 144ms
100ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D089 0
0 109ms
109ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClP7OTaZbY73ZNZCJhAW7-qHgDfq1tI5t-4noq9EQjMC1q64BEAEgv7n7JGDVtdcCoAHD1orKA8gBCakCMF0s1lHDsD6oAwHIA8sEqgTaAU_Q7FZAdX_0LZjZn8EltB4rHOWgcbYV47zQZ4sQrk41pf9TId02KDBeQUHsxXRk603i7UEWQ8ILy7TM2Lt0pMBL-ME0wuuiGaRYx1zRr7Wk57WiqyZsu5V4rvZ0SxK6Ly6Ry1gyhX322shkRV651AmFMXgt9NXWK0Q1BRChJi0PDE_lsddrEYnt420Z-BJX2MUgGgcfqWshiiSjGSWTkQFR0KSOsBXZrWy6Ncq79IGUUhnyUJPMEzKVNZ-sXwqCss9Ju3yenktnedp9vg6-WP0lX1w1PaBtIufowATJjdW7mASSBQQIBBgBkgUECAUYBKAGLoAHxoOsG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEJA10ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGYDPHKnfqIBLgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItNzY5NjMyNjI3ODYwMzc1MhgA&sigh=Izakklzk_ZQ&uach_m=[UACH]&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 09:52:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 13498429312881980708
tpc.googlesyndication.com/simgad/ Frame D089 2 KB
2 KB 153ms
137ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13498429312881980708?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

378ffd0f703abbdceedb97107fb7acfd0772b1619d4a68b0f20d530e41b98134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 20:25:19 GMT
x-content-type-options: nosniff
age: 394015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2150
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 15:06:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 20:25:19 GMT

GET
DATA 200
OK truncated
/ Frame D089 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 7F8F 8 KB
894 B 78ms
77ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&slotname=4246281558&adk=3471378199&adf=2987723014&pi=t.ma~as.4246281558&w=528&fwrn=4&fwrnh=100&lmt=1666950732&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666950732571&bpp=2&bdt=858&idt=387&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1QmnFoizPk&p=http%3A//sci-hub.wf&dtd=392

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 08:33:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7F8F 2 KB
765 B 170ms
169ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:48:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 7F8F 23 KB
9 KB 139ms
138ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 07:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 07:39:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7F8F 3 KB
1 KB 157ms
156ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 08:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 08:25:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7F8F 17 KB
7 KB 150ms
149ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 18:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Nov 2022 18:25:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F8F 153 KB
47 KB 121ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 09:52:14 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 7F8F 33 KB
14 KB 70ms
62ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 21:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 12:01:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7F8F 0
0 110ms
109ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRS9bTaZbY72FDO-Grr4PgvagyAOc9dLabLq_lo_kENrZHhABIL-5-yRg1bXXAqABzceA8wLIAQGoAwGqBNUBT9BsRNhxm2KEMLui0qUeI0QIPs_Rr5-zZeQc7N1IRWgEZI-5uQP1TYarVkyM2s16-eJqw9PcPgYaJkkd4yGvcPTrOfKObdjqY1jKRDzEmvlntsOvQ7xtehiwgGWhb5s9rz5Ph7vy1-yjHya62G0l8QzAcEI8hHqbT3BmQt1hZRl186Vwo8dSOIz3nAM3689WYp81Kq-cytTq8si006v25a2cZK1txf14hjVSTaBKACJktkpRRghRn7X7JfJqmNUrBRGE530b8YCkdylKO4sHNl76CzEbwATNo7L7jgSSBQQIBBgBkgUECAUYBIAHm7j_jAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDsedIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc2OTYzMjYyNzg2MDM3NTIYAA&sigh=zrJYxBmb-Qk&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&slotname=4246281558&adk=3471378199&adf=2987723014&pi=t.ma~as.4246281558&w=528&fwrn=4&fwrnh=100&lmt=1666950732&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666950732571&bpp=2&bdt=858&idt=387&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1QmnFoizPk&p=http%3A//sci-hub.wf&dtd=392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 09:52:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7F8F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4A2F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

94ms
94ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1525 36 KB
16 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 09:34:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A4BA 1 KB
643 B 65ms
64ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 78641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81A1 0
0 110ms
110ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGV43TaZbY7X2NMOihQa99YrgB5z10tpsur-Wj-QQ2tkeEAEgv7n7JGDVtdcCoAHNx4DzAsgBAagDAcgDywSqBNwBT9BUpwpejKt1-xwN0g6eU_EmPN_COty_P95qVhR6p9RisD0DzGS2hWJ4I0EFN0dyecI7ko6xf6PEYlumKqutmB83s6z2-r8Gqi4QxfiPudNqZvjfWKR8ypLjy6H0tHn8yQ3RgiDlDTKHBAcmhor_M_7jTb-f3MAkkaVpiz-CRFc3zeHVP26WoecZmdCUTlscXC9fvYXrZ7njq3lGzHd_OCmQENxN4zgmKEHgCUSDcl4bsTUlXbb0S3g7ccknWVE_PFajkC8-XUhXq40DLDoSnlvy9Sc6DvGsJYxtgcAEzaOy-44EkgUECAQYAZIFBAgFGASAB5u4_4wBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQkDXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03Njk2MzI2Mjc4NjAzNzUyGAA&sigh=RdLcPeLFdnY&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 09:52:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 930C 143 B
166 B 63ms
62ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 2212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B626 1 KB
643 B 64ms
62ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 78641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 81A1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1e5f3598f853a009520c445d9282f98473764c284314962f526d5c6cdbdb036

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9FBB 1 KB
643 B 63ms
63ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 78641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 12:01:33 GMT
etag: 48472445140208031
expires: Fri, 28 Oct 2022 12:01:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D089 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0325d744835f7bd5f77c741eeb16b9ee24632d0e47240d921804a419caa71d36

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4BF 143 B
166 B 69ms
69ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&slotname=4246281558&adk=3471378199&adf=2987723014&pi=t.ma~as.4246281558&w=528&fwrn=4&fwrnh=100&lmt=1666950732&rafmt=1&format=528x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1666950732571&bpp=2&bdt=858&idt=387&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1QmnFoizPk&p=http%3A//sci-hub.wf&dtd=392
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 2212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7F8F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 483f8c552903d8e3b3e7fb1a46d57507b3468a1229527f4fce3479e1bfce508b

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame A4BA 35 B
463 B 205ms
67ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG029I8PgFx9Hh8d7eE6oZE&google_cver=1&google_push=AZmPxg9dIsknneJSly1tZcYfejAH12vg1shbMyWyTAdj56nlaoqd5dGsfW9VPUYtBXdsf0SJ3Zubu-1DTKSlcRR2rON4mv1Hyaq-N0SMAjvr22TxKF2TkHszbmuifh5OstYX2ArndleNeXjy8Sg6g1M-ago

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4BA
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9zBqHtTmfRRz1UKh_rzj774Sbouf1djEQruR7h6EB8ozhaluz6zy-S-9SxJODrJM8g039Y5kSduDSh5T4xEpEBmBFOJKANSTumYrkZJ4is_H-d-8kzh2Tr-9grRHQBIEI0SgnguZ2...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCM7M7poGEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVptUHhnOXpCcUh0VG1mUlJ6MVVLaF9yemo3NzRTYm91ZjFkakVRcnVSN2g2RUI4b3poYWx1ejZ6eS1TLTlTeEpPRHJKTThnMDM5WTVrU2R1RFNoNV...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDg5aXBBbjlsRkxELWlmTW5sTzR6c0owdFEzazZNYkxMTlJJMmI1Y3dCcw==&google_push

170 B
188 B

195ms
84ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDg5aXBBbjlsRkxELWlmTW5sTzR6c0owdFEzazZNYkxMTlJJMmI1Y3dCcw==&google_push

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 Oct 2022 09:52:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNDg5aXBBbjlsRkxELWlmTW5sTzR6c0owdFEzazZNYkxMTlJJMmI1Y3dCcw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame A4BA 43 B
135 B 124ms
55ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBEMnb_YkBk1LU4LXDPA5Nc&google_cver=1&google_push=AZmPxg-M2CxsP9y6TUc2P76Q1DQoJsRwOzStii5SaC5ri-d2qjoCn5n5imkc5l6XzhRjdywE3TG2Y7R2b89M3u_An7nIVh-2oA7AP2NLAU5z65P1Fx7GG1KhWQhmZ0q2ggO0RlJuLi_vkaPK1BXMfIvPRh0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=1049116157&adf=2259083263&pi=t.aa~a.2054722437~rp.3&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2043&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280&nras=4&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=4894&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MUiHMd6YbN&p=http%3A//sci-hub.wf&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 28cgfpt6so1lmmf7fmk5l9gvdds6l3gb

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4BA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1dp_OMP0TlWBi7-iPQ9Hpw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

195ms
83ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1dp_OMP0TlWBi7-iPQ9Hpw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-ckIpdIjs54kjdS9oPgvl3y7H6TmCs0PoQEhmtSgmAewBdtYn_21e7WOYUtR7Y_ar4V3eiwNyK5iH2hbeUL-e-tu8uV93KgkclawNHOoxj3Z4rfj5a_WWSiqIzZytGeGyCq1BjXoBOCqIH6VCPDrk

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1dp_OMP0TlWBi7-iPQ9Hpw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-ckIpdIjs54kjdS9oPgvl3y7H6TmCs0PoQEhmtSgmAewBdtYn_21e7WOYUtR7Y_ar4V3eiwNyK5iH2hbeUL-e-tu8uV93KgkclawNHOoxj3Z4rfj5a_WWSiqIzZytGeGyCq1BjXoBOCqIH6VCPDrk
date: Fri, 28 Oct 2022 09:52:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4BA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEB4ItZbFp7rwSCVmO_3JH0k&google_cver=1&google_push=AZmPxg9AIjchBzydJFCArPwZAOnO9bhZYcZBNBNE8UmRszL8kdy5my1ukpVsZlxCscmWQQYJKs_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMVotVk9G&google_push=AZmPxg9AIjchBzydJFCArPwZAOnO9bhZYcZBNBNE8UmRszL8kdy5my1ukpVsZlxCscmWQQYJKs_WmBVVMkbHYec3V_LtG7N1NHf_rv76n...

170 B
188 B

193ms
81ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMVotVk9G&google_push=AZmPxg9AIjchBzydJFCArPwZAOnO9bhZYcZBNBNE8UmRszL8kdy5my1ukpVsZlxCscmWQQYJKs_WmBVVMkbHYec3V_LtG7N1NHf_rv76nlo2a2uq_0390EpO8GF19_o8jCqiRJkEjAnymBJ1kaWO4qvkAmA

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMVotVk9G&google_push=AZmPxg9AIjchBzydJFCArPwZAOnO9bhZYcZBNBNE8UmRszL8kdy5my1ukpVsZlxCscmWQQYJKs_WmBVVMkbHYec3V_LtG7N1NHf_rv76nlo2a2uq_0390EpO8GF19_o8jCqiRJkEjAnymBJ1kaWO4qvkAmA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4BA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg_ne-pEoZl4x9UIsQY3og_8JkXJbMH-J...

170 B
188 B

126ms
67ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg_ne-pEoZl4x9UIsQY3og_8JkXJbMH-JTx_BQDjlTg4c0lhIHiIim7QPALASbuTuf1ZuJrUnta-l8kFhnAQJsRUM4OkH8Hc11tOXyBLI-wbI1_JNpQ2q_tfI2QRkgKSnoYqMDSeYJI8JUKJQo3Jfg

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK0eYYVWwu_F0edUl0E57VY&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg_ne-pEoZl4x9UIsQY3og_8JkXJbMH-JTx_BQDjlTg4c0lhIHiIim7QPALASbuTuf1ZuJrUnta-l8kFhnAQJsRUM4OkH8Hc11tOXyBLI-wbI1_JNpQ2q_tfI2QRkgKSnoYqMDSeYJI8JUKJQo3Jfg
cache-control: no-cache
cf-ray: 7612c70c98f086cc-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame A4BA 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A4BA 0
223 B 208ms
63ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSaHT52QJJXXeVMNb7pXTbMxQOesMkyTfVXzf0AZ24fAnV-1dwEmayt10cq-fwWoH7DTy1Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame B626 35 B
462 B 192ms
67ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENa1sIY0YL6RlUu849aE2sc&google_cver=1&google_push=AZmPxg8QCSWQ7PU0hGK0hSR3ZfRmZZOCgPiLusn2ZwgI1wxyX7iU_L5BUPwksb0_zzS8jbg-oqql5b-atrGLLx1JSWZIEXwWvyH5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_F0skF...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_F0skF...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwOTUyMTUwMDAxMDU3MzY1ODAzMA%3D%3D&google_push=AZmPxg_F0skFKriktyQlUj6jUbhat0U8OaJMb0cEV-Nnr9vB0NtpWTy_SN71BwAFWwdZVL...

170 B
188 B

66ms
66ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwOTUyMTUwMDAxMDU3MzY1ODAzMA%3D%3D&google_push=AZmPxg_F0skFKriktyQlUj6jUbhat0U8OaJMb0cEV-Nnr9vB0NtpWTy_SN71BwAFWwdZVLqyq0PIDfIL4GL9pdgZ6pDNaaXvpxa7

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMjgwOTUyMTUwMDAxMDU3MzY1ODAzMA%3D%3D&google_push=AZmPxg_F0skFKriktyQlUj6jUbhat0U8OaJMb0cEV-Nnr9vB0NtpWTy_SN71BwAFWwdZVLqyq0PIDfIL4GL9pdgZ6pDNaaXvpxa7
pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 28 Oct 2022 09:52:15 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B626 43 B
350 B 111ms
54ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIC7x0EJ2sTk9JJ7E9Lr5W0&google_cver=1&google_push=AZmPxg-JhKy7wZJm2hBqxb_YZWZ0kO_HKOcudwnGpgh8BrEtROEysopOQHXYHgK7z0bTtrUB80_xj9AI9ZRL_j_fVD0OtET2wLO1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: c1ifib1ugbgie57jnu4t2iaa3ss47t5f

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7L_xg4M0QnqA_Xk27P07TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

199ms
87ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7L_xg4M0QnqA_Xk27P07TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_juZ7P1rbcXZIhQ8t4kyBDW82D1eeu8tPpiuLxeS8DlR2HuehEYkpcB5-TFXJt-OEN4YK-bEkVKgSIL5W9g3ooflAevJrE

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7L_xg4M0QnqA_Xk27P07TA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_juZ7P1rbcXZIhQ8t4kyBDW82D1eeu8tPpiuLxeS8DlR2HuehEYkpcB5-TFXJt-OEN4YK-bEkVKgSIL5W9g3ooflAevJrE
date: Fri, 28 Oct 2022 09:52:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECyJczOCVBeaCJxusEZsPdA&google_cver=1&google_push=AZmPxg9pHpg9RIH9Qo0WIfiCY5bziDzrF6vs3M9orH8hDh74XI6c7nDrCXhVdpaInDUtfgK67Ul...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMTktNkYxNg==&google_push=AZmPxg9pHpg9RIH9Qo0WIfiCY5bziDzrF6vs3M9orH8hDh74XI6c7nDrCXhVdpaInDUtfgK67UlKEZgGcnAWE3oK_ipC4NY9lTKk

170 B
188 B

194ms
82ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMTktNkYxNg==&google_push=AZmPxg9pHpg9RIH9Qo0WIfiCY5bziDzrF6vs3M9orH8hDh74XI6c7nDrCXhVdpaInDUtfgK67UlKEZgGcnAWE3oK_ipC4NY9lTKk

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlTQkZFVUItMTktNkYxNg==&google_push=AZmPxg9pHpg9RIH9Qo0WIfiCY5bziDzrF6vs3M9orH8hDh74XI6c7nDrCXhVdpaInDUtfgK67UlKEZgGcnAWE3oK_ipC4NY9lTKk
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B626
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg9IU7S1xXJU9AvQVOcn4eRQHe2xOribu...

170 B
188 B

185ms
75ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg9IU7S1xXJU9AvQVOcn4eRQHe2xOribuTAtvdRmAC3xFRwEv7w8YRO1Re7n51AYUtqblOPht4v427Z4CnmawVfFsNUQ4Zrc

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEQs5lPPAgkckS3ItXwhBWo&google_hm=Y1umTsQVJp3FZfMIcOkafQAAESsAAAAB&google_nid=index&google_push=AZmPxg9IU7S1xXJU9AvQVOcn4eRQHe2xOribuTAtvdRmAC3xFRwEv7w8YRO1Re7n51AYUtqblOPht4v427Z4CnmawVfFsNUQ4Zrc
cache-control: no-cache
cf-ray: 7612c70c98ed86cc-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame B626 43 B
297 B 246ms
55ms Image
image/gif 2a05:d01c:1d8:8102:d23d:5b09:c47c:a9ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEC4ckWewv07n2vVueOyi2bs&google_cver=1&google_push=AZmPxg-Jg4i2QRMwJb_GJhUsVWNxdkpqmMYbH2MHA4M1yNIcOZLYoIDV4aCTtHxwg-C2rsaVMieyQ_1bqHbyfkd8DHCO6EjdqGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.28055224~rp.1&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x280&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=-M&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280&nras=3&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=OyBVpn90cA&p=http%3A//sci-hub.wf&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:d23d:5b09:c47c:a9ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B626 0
40 B 196ms
64ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLZfX0PqoJwqwqjwYdSigp3qno9_7K7MnejUwq4vDS00j0A6DZUZeFdC54b5VEYPmoQ9ZQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7F8F 28 KB
28 KB 208ms
65ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 301117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:13:37 GMT

GET
DATA 200
OK truncated
/ Frame 6894 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52173959ed6c43183528aae3383ad074a2cbf2ba6f827ab59403827e05f5e53a

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9FBB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOjQBSNwbiO3wWje1rxndDs&google_cver=1&google_push=AZmPxg9QIsaE3Vm-i4fQDfQrOry9Ax8ucX905HzaDAzgVeJcl-asqzT4n17RNmZuEP7yjpn68L7KcNPAtgPEIzoKD0qWeX0rJdg1bho
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODYxNzcwNTg5NTcxNjk5MjM0Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOjQBSNwbiO3wWje1rxndDs&google_cver=1

43 B
398 B

133ms
79ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOjQBSNwbiO3wWje1rxndDs&google_cver=1
Requested by: Host: sci-hub.wf
URL: http://sci-hub.wf/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOjQBSNwbiO3wWje1rxndDs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9FBB 35 B
464 B 181ms
66ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECCjHC1PVzUqM8mCnnzLa48&google_cver=1&google_push=AZmPxg921yefchi8a1ZjmlOPFioKyDTK4tRRw_MeACrjkrMt8qlPZZJS7KzTVlDjntEpTIJ9Dk9vzm_UxToWCFvFOdIx6Lgw-WMbVvc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9FBB 0
104 B 329ms
139ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOHDZFkHLEMUz058BznCGVE&google_cver=1&google_push=AZmPxg-6rnngGOG9pb-Mt9qzQuQsL3R5peMTTUTL64b6atloc6TAR7TnGK0sTzTBxb2BO-VDJnUJFfQn6jO4ux2B-fXaqyxykaE6aQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9FBB 70 B
265 B 235ms
94ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELhNZOddlLSofmJPKl0xfmY&google_cver=1&google_push=AZmPxg-5IwCtkMDZf5Ef-L6GvDIdxsLXLelDifeq1YFbco_TyvpS6oULyoivWaOJqsbS8XGrQNNLDFhXSmJS-Tb3UC5cSQpUXqeQ_PQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FBB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC-uy7pdRV2WcEwFg9IpXb0&google_cver=1&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DYrQYDU...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC-uy7pdRV2WcEwFg9IpXb0&google_cver=1&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ0MDEwNTgzNzc1ODIwODQwMA&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DYrQY...

170 B
188 B

109ms
79ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ0MDEwNTgzNzc1ODIwODQwMA&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DYrQYDU1uSEr_u9g_xeOzonhRFCdGg

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ0MDEwNTgzNzc1ODIwODQwMA&google_push=AZmPxg8rOp0CJCbyIVNv7P1Af65YrTSw4ISiP_bM32blvqu1y6w4i9tbpCpgnt3TCMJ57c3n8DYrQYDU1uSEr_u9g_xeOzonhRFCdGg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 9FBB 0
75 B 208ms
48ms Image
text/plain 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOU1NaceW7GewWwiCybefGI&google_cver=1&google_push=AZmPxg_rkO4AZU81FmANlzwV-KMsfXxPCbEg7xfRc6KaQGcFaz0b_tf9eZ3Rj232kmO4a8RHQPT6_ADW35vesR6yRP8_6GJnzi4uFHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7696326278603752&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1666937271920&w=1200&fwrn=4&fwrnh=100&lmt=1666950733&rafmt=1&to=qs&pwprc=5032591537&format=1200x90&url=http%3A%2F%2Fsci-hub.wf%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666950733756&bpp=1&bdt=2044&idt=0&shv=r20221026&mjsv=m202210250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5a50b2c40045ae1b-221202dd58ce0093%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ&gpic=UID%3D00000b797792a693%3AT%3D1666950733%3ART%3D1666950733%3AS%3DALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A&prev_fmts=0x0%2C528x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=7996811240324&frm=20&pv=1&ga_vid=385710905.1666950733&ga_sid=1666950733&ga_hid=1107798360&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070540%2C44775016&oid=2&pvsid=1980721209231910&tmod=86315094&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=TlszVCQjg6&p=http%3A//sci-hub.wf&dtd=25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9FBB
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELZ87JgQFDUjiDD5gH4URwU&google_cver=1&google_push=AZmPxg-EI9XHtfsG8...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELZ87JgQFDUjiDD5gH4URwU%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjkyNTYyMDgwMjE5NzQxODc1Nw%3D%3D&google_gid=CAESELZ87JgQFDUjiDD5gH4URwU&google_cver=1&google_push=AZmPxg-EI9XHtfsG8drVsL5DrsFSD4Gz3E...

170 B
188 B

190ms
80ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjkyNTYyMDgwMjE5NzQxODc1Nw%3D%3D&google_gid=CAESELZ87JgQFDUjiDD5gH4URwU&google_cver=1&google_push=AZmPxg-EI9XHtfsG8drVsL5DrsFSD4Gz3E6wN-TN172rtaub2JpmgRw7DnbhhGpSVP4rwktU7JZP4mlYteNbIfaZ70vYMHaDUwHHh1Hb

Requested by

Host: sci-hub.wf
URL: http://sci-hub.wf/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 09:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 09:52:14 GMT
AN-X-Request-Uuid: 0816f3dd-81b1-4354-ad1a-a1b4f43f344a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjkyNTYyMDgwMjE5NzQxODc1Nw%3D%3D&google_gid=CAESELZ87JgQFDUjiDD5gH4URwU&google_cver=1&google_push=AZmPxg-EI9XHtfsG8drVsL5DrsFSD4Gz3E6wN-TN172rtaub2JpmgRw7DnbhhGpSVP4rwktU7JZP4mlYteNbIfaZ70vYMHaDUwHHh1Hb
Connection: keep-alive
X-Proxy-Origin: 45.152.183.44; 45.152.183.44; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9FBB 0
40 B 187ms
64ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILkaalFr9C9RZUR2InyvR-ZOORiWZr66eLqjqd-lIFBCfuyHv2sXEEUf_hP1WeJrl_apqEMA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 930C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

87ms
86ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4BF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

96ms
96ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
expires: Fri, 28 Oct 2022 09:52:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6894 15 KB
15 KB 261ms
236ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 565890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6894 15 KB
16 KB 155ms
131ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 320842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6894 15 KB
15 KB 243ms
220ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 01:10:11 GMT
x-content-type-options: nosniff
age: 31323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 01:10:11 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D089 28 KB
28 KB 203ms
193ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 301117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:13:37 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 81A1 28 KB
28 KB 154ms
151ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 301117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 22:13:37 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B7B 36 KB
16 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 09:34:38 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9178 36 KB
16 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 09:34:38 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame DE6D 36 KB
16 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 09:34:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 214ms
90ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03c90fa370f8a4938fe8734a08558e0685ae9c5bf8c6527fb1a1dfbfcd863eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11309
x-xss-protection: 0

GET process
share.pluso.ru/ 0
0

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1
https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1

43 B
528 B

89ms
88ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 09:52:18 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 27 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Oct 2022 09:52:18 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.wf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 27 Oct 2021 21:00:00 GMT

GET 06.png
share.pluso.ru/img/pluso-like/square/medium/ 0
0

GET plus.png
share.pluso.ru/img/ 0
0

GET kb.js
kitbit.net/ 0
0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 09:52:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBAB 13 KB
5 KB 75ms
74ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 99
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:50:39 GMT
expires: Sat, 28 Oct 2023 09:50:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6794 783 B
535 B 84ms
83ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f6dcb91be9bef18c05370cb6a22a63bfddddc0c5a367b703b8e2ad6da3513df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9flZWQ0nf35NBsShdGjaJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sci-hub.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-9flZWQ0nf35NBsShdGjaJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 09:52:18 GMT
expires: Fri, 28 Oct 2022 09:52:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame DBAB 36 KB
16 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 09:34:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6794 0
0 105ms
105ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=1980721209231910&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DBAB 0
10 B 59ms
59ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NszUVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:52:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
97ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=1980721209231910&bg=!iIuli8_NAAZPh4lnb4c7ACkAdvg8WgSpz244NZ4wf5p2tx7o1-UTLcxrXtXvASYv3f65Jbq7uGzEiAIAAABQUgAAAANoAQeZAqS3u_G9FeThux9-DU6o2cttUrkpTPHmG9Bx7qPjaN_xOm9N61Ip-i7_uMRBld71DDF1eTpvt0DMrR6n_1Q1dWAeZBTCcOep63b5K8Um3YxvUR9kNQ36hzCT2q_q6IFTbACx8dGtJ13ykhzNqmUxnAq1JUd5v2uamkHz5qyE_Enh_t1e10mwzVVqG4dTwm3dEB18ZCzTMYxYCZ0jkwGvrv8bXtPjyxWEPqPqbwPsdU2Ig81vDI3zMvuH4vPQ5v73Iv84uXE4pY2QLxvqc0S7rxsQ0KuJSFsVwzDF2rwRk33SdqZDDpwxXM9jQipGelS9a8e96b-Pb_oSdyIpzcJifLTuwXXpF2WKvmhhR1sgHeFnOqqQClu2TakHozjhSQ3-KP7HZdgVg-ObclrtzYG-LwUeAGx5mewQR43VBSNl6YbOu8KWc2Whxsq0lcsTV8dw1WXvg25g6HTI4K6G7XZ8wQCYJbtFEeXlhLmFMUMJAGN6wXKrCjcOBC1_fbmDAoJKX_NMacd9ka9DKul4nxUVxaBVQQULEIUvL6soiCxz1JvCMU2tFDwQQjiYA9iST_gPj_93APR0wIoZSEqoSnJFP_hjda5jSQyfclvnV3mcvs-OB30EkUfX2QhwO9Ct9iZKUQjQy90LNdYRPgjAFbxOZbmnFgWAalyPUuqwhvRjEMmKs45_198D0DEmBMjHO2WwBSJkMwrcukvooO-1X3OaJp85XqDH-VFTCrk2GbEZej1zw2Yog7QO0AOoj5dR5Nc0X5bGovCl-dcL-w_HsdDB8xpp6l4Np5ETdkg2OqzTgfwhI3xuOfOjnuzZ1pngpCUj4OgGIqh6swbYDKVDbOyp8lADmeUyvrZhXl4M71qZb_iyyRmBoil0QcHqebHVQ3zbPYO0rL43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://sci-hub.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.sci-hub.shop
URL: http://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGFk176NxAuY72gdGYoqkM0&google_cver=1&google_push=AZmPxg_DIn7eMtgPQb064dr4mqEawk_aemc3ljrJ27hyU2Q8ndCzGxPc2mEg_STNns-JH_mI9iptKMrMwTLd6veCjkmexViUHvc88Ap_Dk90ZjQ_r9w-hs_1Ils0EJk1n7Izfp-nR-sILcH6EoEbYROflCfZ

Domain: share.pluso.ru
URL: http://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.wf%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=OMAHLdysJTARWPGS&first=1

Domain: share.pluso.ru
URL: http://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.wf%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=Hv5CXkFcSXTiundefinedSbW

Domain: share.pluso.ru
URL: http://share.pluso.ru/img/pluso-like/square/medium/06.png

Domain: share.pluso.ru
URL: http://share.pluso.ru/img/plus.png

Domain: kitbit.net
URL: http://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sci-hub.wf/	1970-01-20 16:24:06	Name: __gads Value: ID=5a50b2c40045ae1b-221202dd58ce0093:T=1666950733:RT=1666950733:S=ALNI_MarJa4IFVrIv7HLm2YM0Ku8ZhrLKQ
.sci-hub.wf/	1970-01-20 16:24:06	Name: __gpi Value: UID=00000b797792a693:T=1666950733:RT=1666950733:S=ALNI_Ma5azFlDMUPG2F9Bht4G6yOYROz_A
.doubleclick.net/	1970-01-20 16:24:06	Name: IDE Value: AHWqTUnAJmrjQrECu3kWTyyJclnoD13yIjSV-nePSCqKJz8BINoZ3SFaonlHCYf8Y8k
.doubleclick.net/	1970-01-20 07:02:34	Name: DSID Value: NO_DATA
.rlcdn.com/	1970-01-20 15:48:06	Name: rlas3 Value: CjpSwt0ESmV6uKSHs4CP3GiOcgl5LRJM24sNB5EtflI=
.casalemedia.com/	1970-01-20 15:48:06	Name: CMID Value: Y1umTsQVJp3FZfMIcOkafQAA
.casalemedia.com/	1970-01-20 09:12:06	Name: CMPS Value: 4395
.casalemedia.com/	1970-01-20 09:12:06	Name: CMPRO Value: 4395
.pubmatic.com/	1970-01-20 07:03:57	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 09:12:06	Name: d Value: EAcBCQG4J4EA
.quantserve.com/	1970-01-20 16:32:45	Name: mc Value: 635ba64e-bb42d-4ae2b-5ad9d
.adnxs.com/	1970-01-20 09:12:06	Name: uuid2 Value: 6925620802197418757
.pubmatic.com/	1970-01-20 09:12:06	Name: KADUSERCOOKIE Value: D5DA7F38-C3F4-4E55-818B-BFA23D0F47A7
.innovid.com/	1970-01-20 09:12:06	Name: uuid Value: 18b5b491-72bf-40c6-93f7-23d70b128224-20221028 05:52:14
.adform.net/	1970-01-20 07:47:09	Name: C Value: 1
.rlcdn.com/	1970-01-20 08:28:54	Name: pxrc Value: CM7M7poGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 09:12:06	Name: CMTS Value: 4419
.turn.com/	1970-01-20 11:21:42	Name: uid Value: 8617705895716992343
.e.dlx.addthis.com/	1970-01-20 16:32:45	Name: na_tc Value: Y
.adform.net/	1970-01-20 08:28:54	Name: uid Value: 1440105837758208400
.addthis.com/	1970-01-20 16:32:45	Name: na_id Value: 2022102809521500010573658030
.addthis.com/	1970-01-20 16:32:45	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:32:45	Name: uid Value: 635ba64fa6cac9e6
.addthis.com/	1970-01-20 16:32:45	Name: ouid Value: 635ba64f0001589a92fbb1403438a9df046379e3af8181ef4b3f
.dlx.addthis.com/	1970-01-20 07:45:42	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:45:42	Name: na_sr Value: 20221028
.dlx.addthis.com/	1970-01-20 07:02:30	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:45:42	Name: na_sc_e Value: 0
.yadro.ru/	1970-01-20 15:47:20	Name: FTID Value: 1ZMwPI2tDs8Q1ZMwPI0034yR
.yadro.ru/	1970-01-20 15:47:20	Name: VID Value: 3gupEK0pkCuQ1ZMwPI0034zD

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://sci-hub.wf/ Message: Access to font at 'http://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'http://sci-hub.wf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEGFk176NxAuY72gdGYoqkM0&google_cver=1&google_push=AZmPxg_DIn7eMtgPQb064dr4mqEawk_aemc3ljrJ27hyU2Q8ndCzGxPc2mEg_STNns-JH_mI9iptKMrMwTLd6veCjkmexViUHvc88Ap_Dk90ZjQ_r9w-hs_1Ils0EJk1n7Izfp-nR-sILcH6EoEbYROflCfZ Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271802&client=ca-pub-7696326278603752&fa=2&ifi=9&uci=a!9&btvi=8&xpc=nBuyMVd7GC&p=http%3A//sci-hub.wf Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.es
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
dclk-match.dotomi.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
img.sci-hub.shop
kitbit.net
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.turn.com
rtb.openx.net
sci-hub.wf
secure.adnxs.com
share.pluso.ru
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
img.sci-hub.shop
kitbit.net
share.pluso.ru
104.18.18.126
142.250.186.162
185.64.189.115
185.86.137.122
185.89.210.141
2.18.232.236
2001:678:cb4:bbbb::11
2606:4700:3033::ac43:a162
2606:4700:3037::6815:5d77
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:fa8:8806:20::2040
2a05:d01c:1d8:8102:d23d:5b09:c47c:a9ce
35.186.253.211
35.244.174.68
35.71.131.137
37.157.4.25
69.173.144.138
88.212.201.198
88.212.202.52
02d353b931fa095d941d4077eec1404bf764ec415ff8cab1d58ae0f17ae73f6f
0325d744835f7bd5f77c741eeb16b9ee24632d0e47240d921804a419caa71d36
03c90fa370f8a4938fe8734a08558e0685ae9c5bf8c6527fb1a1dfbfcd863eab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0cd5b353bd0cde985ac4d6f148c9458243fec04418cbae5bfda79e0322276931
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
12b498ad6256d487f658f24189621d4d6819ab6e11fcd63142e6aeb77f560b6e
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
155d781771f72d944622119f838f4533e7bb5be98e6c38b01f595c3f1a365197
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2306c0c625ddc6737c607b01910d05dcf2e2036fe3fe00d2882196bcaaa5df30
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
378ffd0f703abbdceedb97107fb7acfd0772b1619d4a68b0f20d530e41b98134
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
447e3b53f981c174f7f696ff1657e745e86ada5442dde6231bdfe0ada301dbc0
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
483f8c552903d8e3b3e7fb1a46d57507b3468a1229527f4fce3479e1bfce508b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52173959ed6c43183528aae3383ad074a2cbf2ba6f827ab59403827e05f5e53a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5736301424fb5bf6f76840e389cdd34cca45955df4c6cd84da2e86e8e5f5e3bd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66d5261b1110f78d5e07eac1be4f0f09eae9520a5845f16f12d70b6083c27758
6b36fd915c1aa37c9e8c156727be8715a3f88a80307ce6aa7d272602f944014f
74017d97a0876e72ef09a14ea0b3ad49a744811c726e7b05e305d4a6e3e07612
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
7f6dcb91be9bef18c05370cb6a22a63bfddddc0c5a367b703b8e2ad6da3513df
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ce3abf632b319efe1496dd0ae1fcc4500d323957eb46ce0061483b64d820316
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
95924cbeb84d586649fbfebce3a54b9f08039323b19539d8d3eac7e40bf9f8d7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a38ef201f0556be680aa14176513963db28469ae791b5c2fd75e84cab2fdca47
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60983a652a2e085e33149a89dbab339929a4944dd276e326e5da96ccc204a1d
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
afb6283a60b1ff0fe94db14cdce189002d75fcd49ea539161abb4a40968d516e
b1e5f3598f853a009520c445d9282f98473764c284314962f526d5c6cdbdb036
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c3b4bc09c0d39c4c6df75ba5b32e8456f9aea981cc64edac6d45f041050a9a60
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
d3938d65a77ce9f2adc3c33a5cbe3200cd6fdef635eac93d3739f1dcd2eb2306
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1b3ef54a356d12cb9dd57ac88476cc9602730125b54dfc9b49d52e5a97b52e6
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

sci-hub.wf Open in urlscan Pro 2606:4700:3037::6815:5d77 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

72 %HTTPS

57 %IPv6

28 Domains

33 Subdomains

23 IPs

8 Countries

1657 kBTransfer

3719 kBSize

30 Cookies

4 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

sci-hub.wf Open in urlscan Pro
2606:4700:3037::6815:5d77 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

72 %
HTTPS

57 %
IPv6

28
Domains

33
Subdomains

23
IPs

8
Countries

1657 kB
Transfer

3719 kB
Size

30
Cookies

147 HTTP transactions
6 data transactions