urlscan.io logo urlscan.io
SecurityTrails logo

sci-hub.mksa.top Open in urlscan Pro
2606:4700:3033::6815:35c2  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sci-hub.mksa.top/
Effective URL: https://sci-hub.mksa.top/
Submission: On June 07 via api from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 5 countries across 28 domains to perform 147 HTTP transactions. The main IP is 2606:4700:3033::6815:35c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.mksa.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 3rd 2021. Valid for: a year.
This is the only time sci-hub.mksa.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
21 2606:4700:303... 13335 (CLOUDFLAR...)
7 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 37.200.67.211 49505 (SELECTEL)
1 2 88.212.201.210 39134 (UNITEDNET)
3 31.131.252.94 49505 (SELECTEL)
3 185.15.175.159 43226 (SAFEDATA ...)
1 1 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 89.108.97.2 197695 (AS-REG)
5 9 185.15.175.144 43226 (SAFEDATA ...)
2 2 185.15.175.137 43226 (SAFEDATA ...)
7 9 142.250.186.34 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 7 2.18.234.21 16625 (AKAMAI-AS)
3 5 37.252.173.22 29990 (ASN-APPNEX)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 195.66.82.41 197205 (MERCIS-AS)
2 2 91.216.195.7 12516 (WEBORAMA ...)
1 2 52.47.207.212 16509 (AMAZON-02)
4 172.217.18.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 130.211.47.109 15169 (GOOGLE)
3 34.107.167.126 15169 (GOOGLE)
1 142.250.74.198 15169 (GOOGLE)
2 216.58.212.162 15169 (GOOGLE)
147 41
2    2606:4700:3033::6815:35c2 (United States)

ASN13335 (CLOUDFLARENET, US)
sci-hub.mksa.top
21    2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sci-hub.shop
7    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
4    37.200.67.211 (Russian Federation)

ASN49505 (SELECTEL, RU)
share.pluso.ru
2    88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru
counter.yadro.ru
3    31.131.252.94 (Russian Federation)

ASN49505 (SELECTEL, RU)
kitbit.net
3    185.15.175.159 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
1    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
p1.ntvk1.ru
1    2606:4700:3035::ac43:c8d3 (United States)

ASN13335 (CLOUDFLARENET, US)
optinder.com
1    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut9.rktch.com
9    185.15.175.144 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
2    185.15.175.137 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
fnc.rt.ru
9    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
7    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
5    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh4.googleusercontent.com
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    195.66.82.41 (Paris, France)

ASN197205 (MERCIS-AS, FR)
PTR: mmtro.com
mmtro.com
2    91.216.195.7 (France)

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-02-vip.weborama.fr
groupelaposte.solution.weborama.fr
2    52.47.207.212 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-207-212.eu-west-3.compute.amazonaws.com
laboutique.commander1.com
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    130.211.47.109 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 109.47.211.130.bc.googleusercontent.com
nxtck.com
3    34.107.167.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.167.107.34.bc.googleusercontent.com
cdn-ssl-as.nxtck.com
1    142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
ad.doubleclick.net
2    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
149 KB
28 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
216 KB
21 sci-hub.shop
img.sci-hub.shop
576 KB
13 2mdn.net
s0.2mdn.net
865 KB
12 digitaltarget.ru
tag.digitaltarget.ru
dmg.digitaltarget.ru
25 KB
7 casalemedia.com
dsum-sec.casalemedia.com
7 KB
6 googletagservices.com
www.googletagservices.com
158 KB
6 google.com
adservice.google.com
www.google.com
715 B
5 nxtck.com
nxtck.com
cdn-ssl-as.nxtck.com
14 KB
5 ampproject.org
cdn.ampproject.org
100 KB
5 adnxs.com
ib.adnxs.com
5 KB
4 pluso.ru
share.pluso.ru
27 KB
3 gstatic.com
fonts.gstatic.com
46 KB
3 googleapis.com
fonts.googleapis.com
2 KB
3 kitbit.net
kitbit.net
2 KB
2 commander1.com
laboutique.commander1.com
2 KB
2 weborama.fr
groupelaposte.solution.weborama.fr
1 KB
2 rt.ru
fnc.rt.ru
1 KB
2 yadro.ru
counter.yadro.ru
1 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 mksa.top
sci-hub.mksa.top
7 KB
1 mmtro.com
mmtro.com
438 B
1 googleusercontent.com
lh4.googleusercontent.com
207 KB
1 rktch.com
ut9.rktch.com
88 B
1 optinder.com
optinder.com
295 B
1 ntvk1.ru
p1.ntvk1.ru
381 B
1 google.fr
adservice.google.fr
165 B
1 googletagmanager.com
www.googletagmanager.com
35 KB
147 28
Domain Requested by
21 img.sci-hub.shop sci-hub.mksa.top
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
sci-hub.mksa.top
googleads.g.doubleclick.net
tpc.googlesyndication.com
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
14 tpc.googlesyndication.com sci-hub.mksa.top
securepubads.g.doubleclick.net
tpc.googlesyndication.com
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
13 s0.2mdn.net sci-hub.mksa.top
s0.2mdn.net
ad.doubleclick.net
9 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
9 dmg.digitaltarget.ru 5 redirects
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 securepubads.g.doubleclick.net sci-hub.mksa.top
securepubads.g.doubleclick.net
6 googleads.g.doubleclick.net sci-hub.mksa.top
6 www.googletagservices.com securepubads.g.doubleclick.net
sci-hub.mksa.top
nxtck.com
www.googletagservices.com
s0.2mdn.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 www.google.com 1 redirects sci-hub.mksa.top
tpc.googlesyndication.com
4 googleads4.g.doubleclick.net sci-hub.mksa.top
ad.doubleclick.net
4 share.pluso.ru img.sci-hub.shop
sci-hub.mksa.top
3 cdn-ssl-as.nxtck.com nxtck.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
s0.2mdn.net
3 tag.digitaltarget.ru kitbit.net
tag.digitaltarget.ru
3 kitbit.net img.sci-hub.shop
kitbit.net
3 290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ade.googlesyndication.com
2 nxtck.com 1 redirects 290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
2 laboutique.commander1.com 1 redirects sci-hub.mksa.top
2 groupelaposte.solution.weborama.fr 2 redirects
2 fnc.rt.ru 2 redirects
2 counter.yadro.ru 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 sci-hub.mksa.top 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 mmtro.com sci-hub.mksa.top
1 lh4.googleusercontent.com sci-hub.mksa.top
1 ut9.rktch.com
1 optinder.com
1 p1.ntvk1.ru 1 redirects
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.fr securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com sci-hub.mksa.top
147 39

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
mksa.top
Cloudflare Inc ECC CA-3		 2021-03-03 -
2022-03-02		 a year crt.sh
sci-hub.shop
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.pluso.ru
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
counter.yadro.ru
R3		 2021-05-29 -
2021-08-27		 3 months crt.sh
*.kitbit.net
Let's Encrypt Authority X3		 2018-11-05 -
2019-02-03		 3 months crt.sh
tag.digitaltarget.ru
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-06 -
2021-07-06		 a year crt.sh
ut9.rktch.com
R3		 2021-04-19 -
2021-07-18		 3 months crt.sh
dmg.digitaltarget.ru
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.mmtro.com
R3		 2021-05-29 -
2021-08-27		 3 months crt.sh
*.commander1.com
Thawte RSA CA 2018		 2020-08-05 -
2021-11-01		 a year crt.sh
*.nxtck.com
Thawte RSA CA 2018		 2020-11-05 -
2021-11-07		 a year crt.sh
cdn-raw.nxtck.com
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://sci-hub.mksa.top/
Frame ID: 56B3FA169D18DE052DA13FF4B78C3325
Requests: 57 HTTP requests in this frame

Frame: https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55A44C883C47C2EAED4BC5C993857E07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYwq2LqQEwAQ&v=APEucNVGR_1NzrLK5Wm_G2ZbkmwRTdRmGwbUF5IFN82JD4MxhkrLD1RLWbivUeIYsyJQuD2KUYndVQwsR5fMYfZcM-ighndUH6YWC94jWOfkTo1vhX0d3whmnXujTBagimpq5F7pAVSunHEGTwNdGfIlPkfz1nqTSYIbRdxRCcHQNI6Ze_QDqf0
Frame ID: 8542730F0711418CB98D8264C4A3EEB6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHC_sc4lI8C67qky5bGuQ3mk-OruYBRoamcBkA0e2fE9HMPvMqklahfY06BJKD5Np7dlE_xYPa_n7JMrHC_LS7HOz6CnaO8Apc0NmUMtNigoC_72LbPEFHt_BNZJDwyTjd0Q5j3q2dAtm-VHvyEBl-ep5mUw&dbm_d=AKAmf-DQVFOvSrAfQ4WIr-YSVCS_T0jerJY3PFpscRZNfHSCew5hagR-XHyREXYXTCwMTi0JoIClOalae0AXbK5hkJ88IyWtWipS5GRq2jUMlStbspC-fepjOA1GIK7TTCox-UjglO6g5GBNalt94yMRNbqhTpamz2lepidHO-r3_RrKMvXA4ASiN31FL8ZlqOGb6TFs9hRlH-Ux63wBB8Q9jy8lFic_3hEDwYainEmhrIwu9tHRpH0QBofFAsCKmViW405wTULeGGzTT_Mpiz2R1NfMCROPpLOo0p5M0xR3lC0CWnrxB-mxQyMZMOsn9n3kNzbD2AL6gRJ4CL8ME2wex1xfMHfussL2z02VghDarEnOg8RAoZpCI_M6lAavJyLY_EVkrTkTfLx0qE6lu1jnkKEU4Krrwm4cj0M7NhnmiC-8NceqvCn75xIMGBVQk0ijTk89ZgkwEJeC36W8nyhRA2TeR9s8n602kZDlEnYzHH7N-fFYgHJss2Ed6y7Jauk5PMjn4MBKemHKu-LWry7mDcxrnt9d8VLAvXbm2CRajs_nnQbxEx1ru8JkhrOG4trwvroTQvlFD2u6_Lr5fxc0VdmZJxRzKyawvcSXTt--iN7F7F6N-CG6WiKFnjl5608EiUQLu0wzyQ63uCMfnpLuVhA3ODgw6kT-JjGdZaX0Wb-ToCR6DqhwQC5Z5FWSj55mFbX6GjvfjQXTFTEygAqlJiP-fwcndDXgC_K3pigGmvxwzI9kOkD07bZX9mPO4ZxvIDtOB7irCgVRFLXg03W2EYoRb7VS7S5f06LeUmnTnJocd5nD77Qyn1qUgjhMriMgA6GLXjPIdDrrt3OQ2LR3BgqqEtfgOQfsSLbGZFJptZzFO39dLSpMNMqsg6eAU87eBQsfRxH8LkWSSsEMyIWNzLHJ8cIJfcsIXCn_I7MN3xTZfCE4ASjMlfkHU1sPNJvwDmfK22UamHkTk1TsAnSUVA6WcZnQhiJQ0DTBq2dDnZjvvbqWd5mCbhy327l-Rrrw2tnDAOpyIS2ykn_8EyuAMFfpAR0cKyuOFd8wLCQt2dF_6G24EVNGE2bjbJTs0n8X7CVfEQCTlfdlvFt-MdX-HWpT4U65Z0993rph-wS1VTgckDW5P0kkqP7GBfeJlnXMihv0IXvTDjZf6IlCMiThXR8pzG3IkNBHAkypjLBa5Y-voOak8tMuYzm24QDt5sbrq5ehykp-65r39B1R4JxSN6kGQu8usOzVXcVKUu55gp-qb4I2o2m44_waBx08QhQhYNjQGaw7CyIXhAXA3XDE8v6-nbS_RSZQgVBtroggfhuyOpndejdUR_i6Rkua2I8HHODSswmUQOX8Xi2rS528uMb35sVmDq8jAgUiQ7_ePzDx9QJh2Q1AX7KQZXFuevz6_xfaAG3MiclTpS2yPMsOwaJTbYaeHmmqnhbnkSddvIZ07aQR8Ld3KcJV7peMp1j7PgDJHjHOOYYIJT80boJsOW1ZfDr7PBDkVb-_H4Qd6vmIlQoKuxdfron4zIJ7zivPzRvsunWB1uj-PuUAXqLKzOjYG0eNgcyJWjznGz1YrAGNoWYI0U_ORmGHWbuLMhwYzQYXiZl7X_vzQL2yHjTjlnWaybP3otZMrEOAppPEgWFPS5PMnRzblqgmo2bBa00B1-BqyHcd18cCnGnq_Y6poG1X8VnS-EDylN_wvJJfTpaOuz4Hfly2Pv6MYaHUbDn0eh4G5NRuGPM0L_WW38Qq3iX3DuDtYVXjvdH2_OIJtEJCA_4yr0jyP9VhFQBtm5cQg-OuL22BR_7VLQhV416Z2bKs1PJi7ZsFfulWYEidtooypiYNknEnS0brU1hJqShoTDPYJx2HgwJao5TTW7uq7cjBLj9TPfxI-qaO7mZZSO6egGEuFKImmnD7EFOzBkTkrQng96QOdfPy9td-WYaGdTt9i87UkM1jpEyDztNR0U8Ny4ATdUiMqjIOCwP0B14g-DK0h-ksHweGo48b2l7v5-PIimpSrII9qcESpW9kPC39MSGWjlTynuZ0xwJptEXz51LwflnAaQ2KoOcFUpSaykAzp6ydjHbjLoPmceukk9LTIrjzCEe8h1RnmxfgDIEZin_1h4-xniT96-Gs2IF3f4z8dKNpsQJm3aSrKFrfpvpvBmMu9TxIbmsg-TyJWGR6RHCNFfKvQk2dqguIZH3Sh-MRK1IwxU42lfmBDFsl9TTC3jcht9FYHQD1ZMJCyxtn8kfW1nBes2Bg8zWz_AO9mzu5nqzj970f6md88U5uGYAvJShycuoW3hq-gl8eEpV-Fjixd8j1tgYSArt_cuq3HJQAmSxdKVJsf9Wzlr7GzqTLEoKDmjiQXfyDWMzptSdYMZRmTwTUDqz0z3Yi6gNtExk85UdyQTbeVckOmIhO61hip96PPvJ-rWxrL4-BZdRTlZtWEKYXikGoz02ZOFWk-gI8gAoVKfYOVMxreco_gApK2MSiBxvySSzLZb082LrNk-QM5EIuhOiAb7DbbYvjEabS_u43c-chT_p5Qv8YyhmD3n1lrSB7Cd-y3e0iZEB6tKrvxsT95fF4hO3anA7KrLq9t02OXBl3OP_iTxUV71Sd-y90oCxHEQCM7ZZYfi0jwKUVDOuOJRn0sKYxtqYEEZ3nC2w5JEhwyy34kUnv8dGfQwCK9AIfYORK5IUhMsaBl4gNnQtLgCVxa48ljjkTkpQrzmDpBPMrMnT-rEJSHsCe0c05Ua0U9HndCznbrlLVCf8t8LToLuLDpBfQQjgZW5uqKssLVIOerxvRX0rJXHsJvZM-dvBxo9Ak9-ni4B24YurPqNK_EUT_TpM7b-SqpQPunvICBbXbhG-PIsxMUrkuCHZOaQ0T9vji6dtCduYfndsHD9Auk2Qn4pzKHRhAxZvJ9ZsoNssrlh54G6azc1aFCO24eVj-kza7JwbcexrF6a9_cKTyUmty5tKLLQ5J10zWMoFLjw&cid=CAASPeRo43F0N5hxVPhkZYqppq8sN32uGDCwPWWo7hIbcZeeUYJNVa3AVH2H0GHWFCR8piWaLuXCWCafGfGbiSk&rfl=2%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240
Frame ID: 2E0E30EC71F542035F72E10ED3109A12
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 036ED769492AC70D283F173FFC1899ED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A6C01BA9C91B6A6C4619DD7A7B0AEA9E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs
Frame ID: 346452274AB4FC895599F02A9E402A72
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F8B3132F78CDE543F4DD5A261273FF8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6772535/1621337138387/index.html
Frame ID: 65B688C95B48A53378276A8C72433CC8
Requests: 6 HTTP requests in this frame

Frame: https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0EE7C551E09D3528D0938B072A8132FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQrePsnQIY1-_clgEwAQ&v=APEucNU1xTIMGJt_XVw5TQcO2sTCR8eGrSIlST7hoLzqs-8JVDWfkNoAsMRrdjG_20Tjdh9k_gicrwZr14m7hbovaCO-kg0KWDwF_dNbrC5_USPucIqXxbfAI23RfgoEhmk5rE5PVEsHposh_xJlBvscuUN5gERljh-3aYT0-nkNhg5wPDBZt9w
Frame ID: 68BB84C12F927F65ADB43C54C3FB6402
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKVoi-f429SQgV792BRVyrgjEkOvrHz40BSME_KWdM-AUdcnvcZkdMjJhDt36vb3m24h9-79xell2DtPIFaZKy7IYCllsYSgT5SjekjgMBy9fPsl4BpNhiiEWjlvAq4P9blfmQNy-fbsuh_4MriWidTWwj4g&dbm_d=AKAmf-BGhixMJROiulwgrW07iPcsCvvxyfnkf1ycxWlyI7EOWMzT2Nn7fVeh1W8rt17IIsdw_baQH32rICG6ckdP9wyYVlkEUTmjWZyakoHIUUrFQHugOj2YFn65qcGMzA8HBHvwgQI5QLDDTkMn2yM6gVWE-WEGdi7d0KQ1l1Y9scUwejNUw4OjGfwrLEHWpouwKYFNkmIX655FtfQGYFvCPpdbLaUfektqI_Wce7GjgUOticplpURQFUz-C6uM4xctWjRa3MxkecEIDbuUbfq2vnMK32fHWOclN21BbEnQrI2jV-QwigEF2XuDC31i-BKJYftcSOoYJeMVkX240kxIgd1NIkDKxtQP-9pbmciqtD6_Yu7mLRhwKu9_cdDsPY4rITapV-HjYHAJCT3gN_v6noHD-NEsYmM7lmKPwsX0ZriRwyVfs1q8OwaNbMDgwrSmwRdehBResWx1ut1wbRoQYjD1-pKmfOmjYGN5j2r9IxBPBKRuHcvasPAN74lS48GK3U7eXTrcJB2fbEV1EaheRmXW_w7naWKvD31ZjcxYFUdd7XvoCIgcx0JRocygAeEG-GzJ9SUKMUN9KNmPsD8hPlxTBkYeS38uPErCT_rZiZbzKUWcv0a4zxn3oyu3Lo8aNqizoXkmVhdP0dRlC3pMAnyOFv3boUeHLR2-LiWm_UTta3Te4OSTboIW1ood1PykiXLh5CT8yf8v4h84nxkvqlxZJyI17VgT1DIJSigIlSJenk6NOrOkSqOfFuojAGzRpWv50bqyGe-fJlsObwJmVMPHSjzjqhiGpRIWl9CLINjR0lECNlXheUhaqkf9GgQgFL_xZOskcWvfjgC57-kFssFU8vjCfgI-L_x2NGmbAtmY9AFuOyYRKPexQZrLz_YGUJveaKjMCfNQk1_dbmyLIvfjzqovrRHGdWw2JX16wPKgxcF_cyQ9dTTKJ0JTsgNv8Bw2BENPbAePdAHwWneDJ5YG3-nnWg9cmUrWHv3Cd-tD7QwaTQlsaWkEQyAqFHoRfgLubwJBQJvOYzdjD5H7LAYjbQ30H5_sTm9-aG5Pog-icQYg6YNlvqTaSUCAU7NouZ16qbMPRNieowzKFKaadAhjACRuV6nesgbaNncRLTALsGtclQONSw-_THqqFeSA-YZ-glmIxQL1SUDs2JjzfyVrUbQI-d_mdnZNO64Aok9NPIo7qcjjC0DiRsr7olWlyRHSMdfdsXnVeuMPBt-Vk1-7RAhsKxBy_jjnu_p9oGJK39i3ey4C6JFOdsyCeNL1RxH_qAwm_sM-o-acV8WAC1lhrCI0-JfTAFWjt7j3PXUnQrfkPvy4cxz9PR2I6GNfH9zR3jsIXUKiqYdYHeTsTEVyZqCVjxbxffluf0EMd5cYJFWkw3W0a1J_g_WH2S9Km80741U2o3_13r7DsVFeiKc0CgZM4LbzIKWC4N103vymmX-fYN-g9UNilKLtuTh-pPU_rY3pwX5rIcqUNta4jbhiPw0TgjnEAqup6f2vkIYCxxgq_Isw1a_wVUpG-zXurVd_CcZBShQKL5YI4nKi9bqssKwj-XZ6wmHUybQIfoPYHIbDRIb5gC3xe2lHZP-fZ0NplZTSS3IqdBElbUkGgKmpCtLSepyfdgICMtWOFRNs8sqhBGuI8e_40Y3fW11ILvO6F0bw5k5SSHwgCsyzepl8jfwox3tGPzdm62YnkIlwQJ1cI_1RkjCYDgv9MpheCPNkyGGBDbuo_6nK1_ol2vVVcI-BSlKkSAV5ewPJ6zAYTczn2WMovPYAXRB4-NJ5FNx_9jMftu06kHGcjEANeeLVwul3iRgF8QHKhCSS1k8gQwRHyb0PH8KbRenzj2plPC4pmYnzkUd2bcU2d2pWvazoa4DrrIl37U46DwjQ-VMFYkgt6r56gquzbWgqQ-KYtDTbBAxSKxqGJV1wqvLU7Ezmghq6nMQVXmLROmVuhcy4sfvMgfMLU5onKZ_6E7A9j7N--SEL8TyPNf2kMhZgsUGTqjblQmwiMnCypM4A2lKjSWYmbQA-zkFvnsVUl29CVaMUpsBq587RmJY95vY3Ka75fCoKJEd1uZVqq6woLnLCRFQAYWwDJ0xrRQa6VBsLO2cNGIQLbnj_KSaWCZcmog9BNVjWplXlNMpR7d7R4mNXNBeL8ZyojvKbGir_XbgDK5TLpjPedhV71yN0MtK3UZ6dIg1YeDK3alxPXAU-aOo-chNuG0HOYYEm4ErzoaVXKBqNXXAGLGiGqUj2nFdUXfpm7k5iiXFkmrjFdDBXAII-v2_5m3LYsjv7GxOr-EmnkkrKqkhwjC5DtWcV8n81BCemLm9QqwEKw4sRQHpQq1NEzII-u-wvsxmW_rddIimwOHwD_6pnlRwKHBZlTScH00n1Co5bRR6QSGAwOsKS-5w6YEA_bpdlN3-hU1ahl89qPq968MIJw2shZxaP-zu-l55afbcoSU3DUR6x4qs9NcD1TqVjM1lusFRZ97hvtLJ847clnPNjVTuVgaY-GylvnCP6kTVzlnO8W8mDjl8WkJ2NzoLfg_9lfRY_ncysbo0TCfI3foEXXxVrgwCtkQ_9RoNd4WgqgvcOc5aDYAcpikwXHXqRymFSpMICZAfiuIz93UtLkh4pOtZA9deoMtc_FXUzwAY8_fvm9gaK21jF5z6tKq7MSQRs4CzyVwaMMXRkZrTIXSeS7bGoGgf6ozR0szAz1kM8Sm5hBdMFm_EKVB_GD5yZf1RROhdgW2N1ARXklUOqF7xHSd8nA8ZYVnuHmYKPKuga1weiZyWH53FBmVBo7RbcB1jNKb9o-PihkSZCvUaL8vRQfH1KOYpvU9hoK3fYQPJZn5FyMVWGybPUCiS8godbg6M95CCaz5d-aOZvXc8kXcIafLWUDh5B1MuAATwPsGPX-awq96rAjtLLFWqJoqPIrOozmxSyU7-b2ZNXD86qUj50ALAJp4eUNGTi9Gxz5mek-In7WjLjvV8Ku_68SaQ1X4s-AEc1nQkkaIpPz1m5bEjD9C9Sq7_H6XZjq7jJ0Yiw0GXQ2IUMujRCReEByIm3mDel71A9Sh21KCBN_N74F4IDkQShyGitEwYOqRi29WngOqlaMvbZYiLv3C46Wv2gpEfojrMVEljU458gnvrmNs6z&cid=CAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc&rfl=2%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240
Frame ID: 1512C4CAB3B3BE5A109C18400108A802
Requests: 8 HTTP requests in this frame

Frame: https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
Frame ID: C530C066275011BBBA6E87B68A87A9C0
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 725EEE8A2A9C6FF4DE24D732CD969540
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
Frame ID: 452627840E7F3E2A0F6CA4F427B7803F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 29947F05927B27281F39FC34F552724E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9693237/1611151990508/index.html
Frame ID: EA4CF247CDA194C5C6694469E8B5088A
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://sci-hub.mksa.top/ HTTP 301
    https://sci-hub.mksa.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

147
Requests

97 %
HTTPS

56 %
IPv6

28
Domains

39
Subdomains

41
IPs

5
Countries

2451 kB
Transfer

4284 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sci-hub.mksa.top/ HTTP 301
    https://sci-hub.mksa.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
Request Chain 44
  • https://p1.ntvk1.ru/nps HTTP 302
  • https://optinder.com/cro
Request Chain 48
  • https://dmg.digitaltarget.ru/1/6703/i/i?i=711417790373137.909919489587972&c=tg:adcm_pc HTTP 302
  • https://dmg.digitaltarget.ru/1/6703/i/i?i=711417790373137.909919489587972&c=tg:adcm_pc&q=scc
Request Chain 49
  • https://dmg.digitaltarget.ru/1/6534/i/i?i=711417790373137.956989183200602&c=tg:adcm_pc HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=711417790373137.956989183200602&c=tg:adcm_pc HTTP 307
  • https://fnc.rt.ru/1/6532/i/i?i=qu15SF560tcua7R7AZAk&c=tg:rds_6534 HTTP 302
  • https://fnc.rt.ru/1/6532/i/i?i=qu15SF560tcua7R7AZAk&c=tg:rds_6534&q=scc HTTP 302
  • https://dmg.digitaltarget.ru/1/6533/i/i?i=781210001586998174912000000018432742&a=774&e=gPn4zp1qjFls5555zKTA
Request Chain 50
  • https://dmg.digitaltarget.ru/1/1086/i/i?i=711417790373137.529442859589572&a=86&e=5EFC831FF366BE602F0B07860212DA4E&c=ss:86.up:5EFC831FF366BE602F0B07860212DA4E.sync:up.xdua:duAVqQDggpwo5K4U8GgkEcTS.xps:xpscAD4KAv6YGX6g5zG5MyNFN.dn:sci_hub__mksa__top.dn:mksa__top.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=711417790373137.529442859589572&a=86&e=5EFC831FF366BE602F0B07860212DA4E&c=ss:86.up:5EFC831FF366BE602F0B07860212DA4E.sync:up.xdua:duAVqQDggpwo5K4U8GgkEcTS.xps:xpscAD4KAv6YGX6g5zG5MyNFN.dn:sci_hub__mksa__top.dn:mksa__top.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=1086&ts=XlJF3FOXM7bp-C77x3ER HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEKLrjr8Fn0SX9G9_GSVGhbc&ver=1&google_error=&code=1086&ts=XlJF3FOXM7bp-C77x3ER
Request Chain 68
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
Request Chain 69
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL5nUWFRPZ2NG7.2zARc4gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
Request Chain 70
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
Request Chain 71
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2
Request Chain 86
  • https://groupelaposte.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=322&a.te=221447&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ra=[RANDOM] HTTP 302
  • https://groupelaposte.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=159933&a.A=im&a.si=322&a.te=221447&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ra=[RANDOM] HTTP 302
  • https://laboutique.commander1.com/v3/?tcs=1491&rand=163677&chn=DisplayConqueteTrafic&src=NumberlyDisplay&cmp=2021_BNUM_TF_Mobilite_Trafic&med=&pub=&crtive=&vson=BNUM_TF_MOBILITE_PART_ALL-DEVICES_NativeAds_REEX-jour_TRAFIC_DV360&fmt=1x1&adgrp=&sem_kw=&aff_id=&aff_name=&url= HTTP 302
  • https://laboutique.commander1.com/v3/?firsttime=1&tcs=1491&rand=163677&chn=DisplayConqueteTrafic&src=NumberlyDisplay&cmp=2021_BNUM_TF_Mobilite_Trafic&med=&pub=&crtive=&vson=BNUM_TF_MOBILITE_PART_ALL-DEVICES_NativeAds_REEX-jour_TRAFIC_DV360&fmt=1x1&adgrp=&sem_kw=&aff_id=&aff_name=&url=
Request Chain 96
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 114
  • https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D HTTP 302
  • https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
Request Chain 117
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL5nUWFRPZ2NG7.2zARc4gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
Request Chain 119
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2

147 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sci-hub.mksa.top/
Redirect Chain
  • http://sci-hub.mksa.top/
  • https://sci-hub.mksa.top/
29 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:35c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b5229d1afc0962f11d27c8875317a0d92da419a5e6e2cf0ad02934e6f943ab

Request headers

:method
GET
:authority
sci-hub.mksa.top
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding
expires
Tue, 08 Jun 2021 06:37:04 GMT
cache-control
max-age=43200 no-cache
x-cache
MISS MISS
cf-cache-status
DYNAMIC
cf-request-id
0a895ca8bb000005d48388f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oc9cVTFSXrgb4REvxm6MqYS0hF7O8%2Bn5Zhl46cBJzPfEC9V%2BiV%2Fz3sa6EN%2BngAgmNljXP7SkpMTdbk%2FLsCGil7bd8511%2FYYrJPNfetktflpcH9MOkGXAGyQihAGxKY0nu9jDxma0nBceJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65bbfd54589c05d4-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date
Mon, 07 Jun 2021 18:37:04 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 07 Jun 2021 19:37:04 GMT
Location
https://sci-hub.mksa.top/
cf-request-id
0a895ca8a300000eaf9c29c000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gtG4P8EUGey3MMR5wJQmgKIeOOMPMdsUagHlw3FmclpN5OM3IAjHdg%2F4ZM6FKlSvaR%2Btga6X0mXx1kYrvdNRLpNkSz2MHwNiH1501pFjdsVbbjy19dwsz6gR01DWfNlY1IOJUKOqrtlJ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
65bbfd5439650eaf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212588
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a895caadf00002b59b0bf5000000001
last-modified
Fri, 30 Nov 2018 04:24:28 GMT
server
cloudflare
etag
W/"5c00bb7c-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T9Tc106q0fLtM5ItzoMKTN%2BDHVhUYqzVw%2BBO%2B3ygRbtg4rD25PAzfRfJV%2BimLsLdoc7hB5ImtgS428lItaWMjEZsfawPDOIthqDQAsES5mCKhyI8inIS7vqIBp16c56%2FVFipsQOByHeUUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
65bbfd57cc972b59-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-ui.min.js
img.sci-hub.shop/scihub/ 		248 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212588
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a895caae300002b59e7a9c000000001
last-modified
Fri, 14 Dec 2018 08:14:20 GMT
server
cloudflare
etag
W/"5c13665c-3dee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lwAgngZxSwdoJb4p5xxNk7jxY8itRNDPC0WgIBswRfQQnF54ShfZCTUAheGFvOFjjkcI7JSN2QpPPtB0i2EkqrEuzT8NJKgHCDUrEKFV0UC3RGAaUVBG30CvZpXY052uVpIBbqL05%2FVu7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
65bbfd57cca42b59-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
openapi.js
img.sci-hub.shop/scihub/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/openapi.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212588
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a895caae900002b59eeb22000000001
last-modified
Fri, 30 Nov 2018 04:24:44 GMT
server
cloudflare
etag
W/"5c00bb8c-1798d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yL8afgmBxZHxk4Hn7GXGl7TishS7tUj3cM%2BzjJFnPo3IyLIGJqzvQnsXUlM7pxVzR%2BOOdwUrCjmOnHFw4qaozKQ%2BHu1x4msROVBgNdYfU%2BiVgeGgtllfiXoG5%2FoU09Eun6jWAEwdLXpNuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
65bbfd57cca92b59-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
medal.png
img.sci-hub.shop/scihub/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/medal.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212588
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
22275
cf-request-id
0a895cab3800004e19e18c5000000001
last-modified
Fri, 30 Nov 2018 06:13:38 GMT
server
cloudflare
etag
"5c00d512-5703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=g1j52woF1gAzvr%2FSPc9%2BMQuH380SB11b1JeaF7r9d5BwN7EF6MScvE4HRdq5%2FL4Da2Dw7O40JiQ3nMKPD9qao25apoQ3iImT3iwn4aBBNfXl%2BrN6G%2BzBZWDKoUd4NL94m6NkFnEE0WFrLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd5859d34e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
key_1.png
img.sci-hub.shop/scihub/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/key_1.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212588
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8428
cf-request-id
0a895cab3700004e19b9a10000000001
last-modified
Fri, 30 Nov 2018 06:13:40 GMT
server
cloudflare
etag
"5c00d514-20ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BGPD%2BIp0fqZx7U922zfNgxIt%2Bfe%2FxGF6oeJIhySaj0J2DUWAKN1c5vzSqbnqWwD3GAsPwpYUAdGyCM4NmeQ9qXFSqWCvQR2AlGRIhAUOXXXw6ts0r7zSNEx%2FSPki3gm6qGayMEyoEBuW4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd5859d94e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2b0c03d8dfc173fbc64deb1d4485e59ff3343254d5680ed354c5ab9166fa9b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"896 / 209 of 1000 / last-modified: 1623064336"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21401
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:37:04 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-193456449-1
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3646d20ae553409abecd3b5359c529b3b21b16a27466ef145d88ceda8a7a3254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35964
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 18:13:48 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Jun 2021 18:37:04 GMT
top-back.jpg
img.sci-hub.shop/scihub/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/top-back.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
188646
cf-request-id
0a895cab4000004e19b21b2000000001
last-modified
Mon, 16 Sep 2019 12:17:02 GMT
server
cloudflare
etag
"5d7f7d3e-2e0e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7TFeGusSvl5FR4xmmZIF%2FiHoy5dUYAZ9TmX7IJAXP4tcGRdHVDJKcpwV89R%2Fk%2BlxqJHxUth%2Ba3Lq5QHI7jWZSlttiWGz0NEdEBtmR3ljt%2Bf%2B0sF0CA9WMWR82isOYJoTMH3ymsAeGARcXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd5869ef4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_en.png
img.sci-hub.shop/scihub/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/logo_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14556
cf-request-id
0a895cab4c00004e19a1a01000000001
last-modified
Fri, 30 Nov 2018 05:56:38 GMT
server
cloudflare
etag
"5c00d116-38dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Sb4i2b5X5xXXzYd2itms1ohXwJb448ldu56Py6h9lV9xzcGe6laFsmvdw2cPxQz5zhVGj9m7tdaKVEiqxlufDlWA2Kzav8%2FeIT%2FnTpgnnfGZQnG1Tis86rMmdgr5qQ6MZ3ll6yjdlPEHDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd587a2f4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
raven_1.png
img.sci-hub.shop/scihub/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/raven_1.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
60144
cf-request-id
0a895cab4c00004e19d2032000000001
last-modified
Fri, 30 Nov 2018 05:56:32 GMT
server
cloudflare
etag
"5c00d110-eaf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sKo2JQbXqN%2Fy40BO43cOhx8EVjvSk4%2BoR6gv9oCFi5XsO4qQ1%2BPTzbxRuJJRbMVV5OedmcA%2BJpa59gx9LEXfIP0uJR%2F87VbnIRxgLBC%2Bh7A66uB1IDILpa%2BBLJyY989XlVmlEvf2aw0XGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd587a334e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
map.jpg
img.sci-hub.shop/scihub/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/map.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
55605
cf-request-id
0a895cab4d00004e19ad372000000001
last-modified
Fri, 30 Nov 2018 05:56:52 GMT
server
cloudflare
etag
"5c00d124-d935"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O7JofDOvGv1TG61NkSTTt2CSQvA%2Bp0p2fFzAeG0XilMa8ZD15lRUZIGyK3s5q2fI6lnIs3FedBS5pfSkCVP3LRvWaedT%2F9n8gFyRWD0%2Bbq4m1o5kozi3MdOpPlwxWiXiQHPPgreuDhv5vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd587a374e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
about-marker_en.png
img.sci-hub.shop/scihub/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3361
cf-request-id
0a895cab5500004e19ad374000000001
last-modified
Fri, 30 Nov 2018 05:57:02 GMT
server
cloudflare
etag
"5c00d12e-d21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=81zFshHNRbecY1Pinkor6dwdVoepqjKha%2FSTJPItI0Wbee9Z%2Bz11%2FzpGU9%2B8EOUx3WBl8aladyHBLQyMBllaAC6TH%2B%2BZgxrvj1y2IgfD%2BIKqENsnrSUBhVYEeiex16GLmVdodPbBHMuzhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd587a3d4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 		0
0
quote.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quote.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1068
cf-request-id
0a895cab7d00004e19c3363000000001
last-modified
Fri, 30 Nov 2018 05:57:12 GMT
server
cloudflare
etag
"5c00d138-42c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s8XTFh75yjJLfoDNXIWvl6xngUIA45q7gPQV9%2FirQpgj11K5uJLvsyvRprbD7OGFbAcC7guFykXeLDF7eWd8UhmdGJjYUqyZwHWYPSxwqdbnJj4GnjPRs12htypdyKttQU5qEryMxTcP3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb174e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
quotenext_en.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1087
cf-request-id
0a895cab7d00004e19a7a6b000000001
last-modified
Fri, 30 Nov 2018 05:57:18 GMT
server
cloudflare
etag
"5c00d13e-43f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XUaD8zUfrDCkAZjElGOhwr3xTRNLGqvb7fkMySRFSMaJs2dY0yEYPZsh%2BjDLziW6SdfiFjSeC%2B2%2FMddXsbjNVFSZQqG1SGpfMD%2BM5LygxfUndjGj%2Fmo6qANizKrMh9JmGCT3tLUjUyBDIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb1b4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pone.png
img.sci-hub.shop/scihub/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pone.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1637
cf-request-id
0a895cab8500004e19cd35e000000001
last-modified
Fri, 30 Nov 2018 05:57:24 GMT
server
cloudflare
etag
"5c00d144-665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=atUFk2MW2CIb6K8aJPZnstAfpRO86csuSboZwlAd63YvMpAQ47WAtz9XMKRaRnVd1x%2BKYYt80cF5pN5sp6YqDRMrMp2EDbAvWWPdRwv0Np%2FSqtVz%2BDvJ%2BoWnTqnH2jFP1wdzK9pXsCrKsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb1d4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ptwo.png
img.sci-hub.shop/scihub/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/ptwo.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3907
cf-request-id
0a895cab8900004e19f1aa9000000001
last-modified
Fri, 30 Nov 2018 05:57:30 GMT
server
cloudflare
etag
"5c00d14a-f43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=e6oYaVE%2FJqI73C4gMRKkRKEuyzxo3zRnxVMPffPgwOlmAghKoLgskC84J2wL2EzaoG4L0CgwnZqKukbjEUhNn6BABJskW8MPhIu3AwNV4UGlQYotUivxjkqSO5Pe4M58Zm73QEEWmLv64g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb3c4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pthree.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pthree.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4278
cf-request-id
0a895cab8600004e19d9802000000001
last-modified
Fri, 30 Nov 2018 05:57:36 GMT
server
cloudflare
etag
"5c00d150-10b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y4jnpCXspE6G8J3%2BnbOdB33de9C7BYduyrWOcNnRrNGmTZX1lG7LNHJGiZvNnGlvDmG7IbhYtnx%2FYDSkZEt2suAgQ9tiLeHlslX93IoeSZtWqvyVQCmpyRv9yRJ%2BR4dXPmYl5PhYgNF4Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb3f4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
people.jpg
img.sci-hub.shop/scihub/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/people.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
51212
cf-request-id
0a895cab8600004e19909fc000000001
last-modified
Fri, 30 Nov 2018 05:57:56 GMT
server
cloudflare
etag
"5c00d164-c80c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zO41eCEJLCblqQFfCF7Vm84wTBZeKh%2BdNTAzhv9uxLsU8xkZ0VEjL3m%2FLEOwko5E0X02VFipPAZyQF5zdPGdNErCCRJvBmB8N6S%2BGt8WwAQlG43rlKj2g13ttteLSYf7q5jsUq3urnc%2F3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb404e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
join_en.png
img.sci-hub.shop/scihub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/join_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6197
cf-request-id
0a895cab8700004e19a8aff000000001
last-modified
Fri, 30 Nov 2018 05:58:24 GMT
server
cloudflare
etag
"5c00d180-1835"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OiG9bxGVYehV2s%2FQWwLEgEVWEwv%2F1oz6BbGFMx3xgT0vf47nnokZz8ysOEi6%2FtEtiBukLnMpSyuMwB5azhymiEnIayHv0pkRu0AuK73r7F4ymAyekQ%2Bg1Teie3myuLCuA0LP4wbWUMX2jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb454e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
joinvk.png
img.sci-hub.shop/scihub/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinvk.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17834
cf-request-id
0a895cab8800004e1989be9000000001
last-modified
Fri, 30 Nov 2018 05:58:30 GMT
server
cloudflare
etag
"5c00d186-45aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jpEi0VVCL4soHlXmwbRn5SWpghvjSs2%2FnwUoS0qiQR9YjKm12iGZECT2SCIli4Yw9td4JwvtPd2prcd0Iy6TxtdE7kXbfz5QsuI4io43y0fv8imk3e97RBFj0wQsb39Vpt7c7O%2FkzxQGsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb464e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jointwitter.png
img.sci-hub.shop/scihub/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/jointwitter.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5751
cf-request-id
0a895cab8900004e199caf4000000001
last-modified
Fri, 30 Nov 2018 05:58:42 GMT
server
cloudflare
etag
"5c00d192-1677"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VzCrOxLI5dtxm2zF6Tpq0R6T9H1WJsY0Ler74uOJfUKQNesA%2FX7UTcc2%2F0uEywc5GXgnB51JKMmHsrVVAGI5JP8Ctdhe57MvnKZSllBtrwqRYQ3BDzZsgrPR7slFP1gTByylObjYL046Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb474e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
joinfacebook.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4152
cf-request-id
0a895cab8900004e19e2378000000001
last-modified
Fri, 30 Nov 2018 05:58:36 GMT
server
cloudflare
etag
"5c00d18c-1038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pRHV0yeycqllm5kFH3B7xjOeaAuJk2zccSUxryAUvc6KJfRTsGoYJeN75qtTP3AqqshX5pvUbdkB06zLjC41yL2JCvR7nOyWKeTydoalnVznYeFC4pZ1wm6F1labGg5HB25a6IplaapbPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
65bbfd58cb504e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pluso-like.js
img.sci-hub.shop/scihub/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/pluso-like.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
212587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a895cabaf00004e19a236b000000001
last-modified
Fri, 30 Nov 2018 04:39:20 GMT
server
cloudflare
etag
W/"5c00bef8-a5cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GWg21tOPR6No7jPDkqmkavxUw3I%2FZEDZnPoE8jf3HPR%2B8RFJUZSFe8Etw8vzFUtEvVdmrkMygwVfh6LwOguarLgu8HwL%2BIjXZpv6UvuAABYbrZZzrnIj8xv0vdKMJYo4FB2T6O8gGzlirA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
65bbfd591bff4e19-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193456449-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5141
date
Mon, 07 Jun 2021 17:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 07 Jun 2021 19:11:23 GMT
pubads_impl_2021060201.js
securepubads.g.doubleclick.net/gpt/ 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
afcea64040738271b127e7b2338adaf40a6612e0320ec5e4d1e5353d92a3bfbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Jun 2021 19:37:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112073
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:37:04 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=683982573&t=pageview&_s=1&dl=https%3A%2F%2Fsci-hub.mksa.top%2F&ul=en-us&de=UTF-8&dt=Sci-Hub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1105344367&gjid=1525260903&cid=212174344.1623091025&tid=UA-193456449-1&_gid=1386305672.1623091025&_r=1&gtm=2ou621&z=1850123786
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sci-hub.mksa.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-193456449-1&cid=212174344.1623091025&jid=1105344367&gjid=1525260903&_gid=1386305672.1623091025&_u=YEBAAUAAAAAAAC~&z=1886446550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Jun 2021 18:37:04 GMT
content-type
text/plain
access-control-allow-origin
https://sci-hub.mksa.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.fr/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=sci-hub.mksa.top
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sci-hub.mksa.top
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1440873008213555&correlator=2970631341327905&output=ldjh&impl=fifs&eid=31060783%2C31060789%2C31061161%2C31061369%2C31061200%2C31060840&vrg=2021060201&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2C970X90-01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1623091025&dt=1623091025003&dlt=1623091024602&idt=376&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=900&adks=1836978441&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=970x-1&ga_vid=212174344.1623091025&ga_sid=1623091025&ga_hid=683982573&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
adcdf7270ea1f65288abadefce0bfe9b4004f4e8912a760fb3cb083961c81469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8018
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sci-hub.mksa.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1440873008213555&correlator=2970631341327905&output=ldjh&impl=fifs&eid=31060783%2C31060789%2C31061161%2C31061369%2C31061200%2C31060840&vrg=2021060201&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2C336X280-01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1623091025&dt=1623091025008&dlt=1623091024602&idt=376&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=1552&adks=2992418410&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=528x334&msz=336x-1&ga_vid=212174344.1623091025&ga_sid=1623091025&ga_hid=683982573&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
219410fa0b7c4cc462cd4096b8fe3945f1e416b2c79a46c27a65dc1a67fc341d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8894
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sci-hub.mksa.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		479 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1440873008213555&correlator=2970631341327905&output=ldjh&impl=fifs&eid=31060783%2C31060789%2C31061161%2C31061369%2C31061200%2C31060840&vrg=2021060201&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2Czsy-01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1623091025&dt=1623091025010&dlt=1623091024602&idt=376&frm=20&biw=1600&bih=1200&oid=3&adxs=426&adys=2192&adks=1528813087&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=748x120&msz=0x0&ga_vid=212174344.1623091025&ga_sid=1623091025&ga_hid=683982573&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e1a7295d9e648bc7779a1dac229a0e5de9c6edc7bdde8782cff839ca66576df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sci-hub.mksa.top
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1440873008213555&correlator=2970631341327905&output=ldjh&impl=fifs&eid=31060783%2C31060789%2C31061161%2C31061369%2C31061200%2C31060840&vrg=2021060201&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2Czsy-youtu01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1623091025&dt=1623091025011&dlt=1623091024602&idt=376&frm=20&biw=1600&bih=1200&oid=3&adxs=430&adys=2192&adks=3809152490&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=748x120&msz=0x0&ga_vid=212174344.1623091025&ga_sid=1623091025&ga_hid=683982573&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
055ec9b24dc5180339a4158ce8757666a303e3ef0b9c12e87644fb7cebeb12f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14902
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sci-hub.mksa.top
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
process
share.pluso.ru/ 		119 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=QfMTEWFLsBU4O6Dl&first=1
Requested by
Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
bdd4003804f6ce8052531178f70d642ad8fdc912033665ecc0b38163acd16b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:38:50 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
application/javascript
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
119
X-XSS-Protection
1; mode=block
process
share.pluso.ru/ 		119 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=MvmyMTah6nPycVEU
Requested by
Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
bdd4003804f6ce8052531178f70d642ad8fdc912033665ecc0b38163acd16b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:38:50 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
application/javascript
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
119
X-XSS-Protection
1; mode=block
hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:05 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 06 Jun 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:05 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 06 Jun 2020 21:00:00 GMT
06.png
share.pluso.ru/img/pluso-like/square/medium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://share.pluso.ru/img/pluso-like/square/medium/06.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:38:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2015 11:02:40 GMT
Server
nginx
ETag
"552ba250-5b8f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
23439
X-XSS-Protection
1; mode=block
plus.png
share.pluso.ru/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://share.pluso.ru/img/plus.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:38:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2015 11:02:40 GMT
Server
nginx
ETag
"552ba250-98a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2442
X-XSS-Protection
1; mode=block
kb.js
kitbit.net/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kitbit.net/kb.js
Requested by
Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
40275f8603fc3d13cb9001f13f57a9fc2680026d2cbdbd58cc3c6ba77ec8db9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:35:31 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
H4P8XmC+ZvOGBwsvTtoSAg==
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control
max-age=21600, private
Connection
keep-alive
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Expires
Tue, 08 Jun 2021 00:35:31 GMT
adcm.js
tag.digitaltarget.ru/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:05 GMT
Last-Modified
Thu, 13 May 2021 10:40:41 GMT
Server
nginx
ETag
"609d0229-c11"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3089
s.js
kitbit.net/ 		1 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kitbit.net/s.js?u=https%3A%2F%2Fsci-hub.mksa.top%2F
Requested by
Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:35:31 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Mon, 07 Jun 2021 18:35:30 GMT
h.gif
kitbit.net/ 		43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//sci-hub.mksa.top/&h=Sci-Hub%26kbuid%3D5EFC831FF366BE602F0B07860212DA4E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:35:31 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
H4P8XmC+ZvOGBwsvTtoYAg==
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 07 Jun 2021 18:35:31 GMT
cro
optinder.com/
Redirect Chain
  • https://p1.ntvk1.ru/nps
  • https://optinder.com/cro
0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optinder.com/cro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:c8d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:05 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lqdVkQ%2BHe9JF%2FMs7NaFaYt6p7Gm85jZ6VejKZWaApxIj4YCuOKpNGLhcASx8OnvNFj4gbMho7W6MiOymBunjH184iid9JN3FknNaLiP7QOQQ57mE9a0vof4EmrTHJxHc1MFJyey7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cf-ray
65bbfd5c481c4e98-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a895cadb300004e98533ac000000001

Redirect headers

x-77-nzt
AcO1ry+ew+CB
date
Mon, 07 Jun 2021 18:37:05 GMT
last-modified
Mon, 07 Jun 2021 18:37:04 GMT
server
CDN77-Turbo
x-77-nzt-ray
lPBJaV37JQA=
x-77-cache
MISS
content-type
text/html; charset=UTF-8
location
//optinder.com/cro
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
x-cache
MISS
x-77-pop
frankfurtDE
content-length
0
x-request-id
1231180518-1-1623091025.300
expires
Mon, 07 Jun 2021 18:37:04 GMT
sud
ut9.rktch.com/ 		88 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut9.rktch.com/sud
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:05 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
88
Content-Type
image/png
processor.js
tag.digitaltarget.ru/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=747003967292211
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
5a0da3f86d0505c67db1fb2287ce92548014d4ba7969eb76b7f716a5d5009e8f

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:05 GMT
Last-Modified
Thu, 13 May 2021 10:40:42 GMT
Server
nginx
ETag
"609d022a-3da5"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15781
extension_1086.js
tag.digitaltarget.ru/extensions/ 		732 B
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/extensions/extension_1086.js?i=8358225315553
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
acde19dd39fd4b3b76819f21d622af86dcdf0cb00967a337a01005e8316ccb1f

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:05 GMT
Last-Modified
Thu, 13 May 2021 10:40:42 GMT
Server
nginx
ETag
"609d022a-2dc"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
732
i
dmg.digitaltarget.ru/1/6703/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6703/i/i?i=711417790373137.909919489587972&c=tg:adcm_pc
  • https://dmg.digitaltarget.ru/1/6703/i/i?i=711417790373137.909919489587972&c=tg:adcm_pc&q=scc
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/6703/i/i?i=711417790373137.909919489587972&c=tg:adcm_pc&q=scc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location
/1/6703/i/i?i=711417790373137.909919489587972&c=tg:adcm_pc&q=scc
Date
Mon, 07 Jun 2021 18:37:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"
i
dmg.digitaltarget.ru/1/6533/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6534/i/i?i=711417790373137.956989183200602&c=tg:adcm_pc
  • https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=711417790373137.956989183200602&c=tg:adcm_pc
  • https://fnc.rt.ru/1/6532/i/i?i=qu15SF560tcua7R7AZAk&c=tg:rds_6534
  • https://fnc.rt.ru/1/6532/i/i?i=qu15SF560tcua7R7AZAk&c=tg:rds_6534&q=scc
  • https://dmg.digitaltarget.ru/1/6533/i/i?i=781210001586998174912000000018432742&a=774&e=gPn4zp1qjFls5555zKTA
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/6533/i/i?i=781210001586998174912000000018432742&a=774&e=gPn4zp1qjFls5555zKTA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
7
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Location
https://dmg.digitaltarget.ru/1/6533/i/i?i=781210001586998174912000000018432742&a=774&e=gPn4zp1qjFls5555zKTA
Date
Mon, 07 Jun 2021 18:37:06 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"
7162
dmg.digitaltarget.ru/awg/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1086/i/i?i=711417790373137.529442859589572&a=86&e=5EFC831FF366BE602F0B07860212DA4E&c=ss:86.up:5EFC831FF366BE602F0B07860212DA4E.sync:up.xdua:duAVqQDggpwo5K4U8GgkEcTS.x...
  • https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=711417790373137.529442859589572&a=86&e=5EFC831FF366BE602F0B07860212DA4E&c=ss:86.up:5EFC831FF366BE602F0B07860212DA4E.sync:up.xdua:d...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=1086&ts=XlJF3FOXM7bp-C77x3ER
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEKLrjr8Fn0SX9G9_GSVGhbc&ver=1&google_error=&code=1086&ts=XlJF3FOXM7bp-C77x3ER
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEKLrjr8Fn0SX9G9_GSVGhbc&ver=1&google_error=&code=1086&ts=XlJF3FOXM7bp-C77x3ER
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
8
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEKLrjr8Fn0SX9G9_GSVGhbc&ver=1&google_error=&code=1086&ts=XlJF3FOXM7bp-C77x3ER
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
dmg.digitaltarget.ru/1/1086/i/ 		52 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/1086/i/i?i=711417790373137.504656785294582&a=86&e=5EFC831FF366BE602F0B07860212DA4E&c=ss:86.up:5EFC831FF366BE602F0B07860212DA4E.sync:up.xdua:duAVqQDggpwo5K4U8GgkEcTS.xps:xpscAD4KAv6YGX6g5zG5MyNFN.dn:sci_hub__mksa__top.dn:mksa__top.adcm:hit.tg:adcmjs_noorient
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 18:37:05 GMT
Server
nginx
Connection
keep-alive
Content-Length
52
Content-Type
image/gif
container.html
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 55A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sci-hub.mksa.top/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sci-hub.mksa.top/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 07 Jun 2021 18:37:05 GMT
expires
Tue, 07 Jun 2022 18:37:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622805992319560"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28149
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:37:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85de52f1793078186a21d24b666b1bc1af8adf6ebafa753865373938214c37e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8542 		624 B
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYwq2LqQEwAQ&v=APEucNVGR_1NzrLK5Wm_G2ZbkmwRTdRmGwbUF5IFN82JD4MxhkrLD1RLWbivUeIYsyJQuD2KUYndVQwsR5fMYfZcM-ighndUH6YWC94jWOfkTo1vhX0d3whmnXujTBagimpq5F7pAVSunHEGTwNdGfIlPkfz1nqTSYIbRdxRCcHQNI6Ze_QDqf0
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPDkLxCoi2UYwq2LqQEwAQ&v=APEucNVGR_1NzrLK5Wm_G2ZbkmwRTdRmGwbUF5IFN82JD4MxhkrLD1RLWbivUeIYsyJQuD2KUYndVQwsR5fMYfZcM-ighndUH6YWC94jWOfkTo1vhX0d3whmnXujTBagimpq5F7pAVSunHEGTwNdGfIlPkfz1nqTSYIbRdxRCcHQNI6Ze_QDqf0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 07 Jun 2021 18:37:05 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmHcJ_8zax4aAbOlKEnxeslN2zbAxJ6gnIm99rNJ8q9sol_GPGF15KhhhOo; expires=Sat, 02-Jul-2022 18:37:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 18:37:05 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2E0E 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHC_sc4lI8C67qky5bGuQ3mk-OruYBRoamcBkA0e2fE9HMPvMqklahfY06BJKD5Np7dlE_xYPa_n7JMrHC_LS7HOz6CnaO8Apc0NmUMtNigoC_72LbPEFHt_BNZJDwyTjd0Q5j3q2dAtm-VHvyEBl-ep5mUw&dbm_d=AKAmf-DQVFOvSrAfQ4WIr-YSVCS_T0jerJY3PFpscRZNfHSCew5hagR-XHyREXYXTCwMTi0JoIClOalae0AXbK5hkJ88IyWtWipS5GRq2jUMlStbspC-fepjOA1GIK7TTCox-UjglO6g5GBNalt94yMRNbqhTpamz2lepidHO-r3_RrKMvXA4ASiN31FL8ZlqOGb6TFs9hRlH-Ux63wBB8Q9jy8lFic_3hEDwYainEmhrIwu9tHRpH0QBofFAsCKmViW405wTULeGGzTT_Mpiz2R1NfMCROPpLOo0p5M0xR3lC0CWnrxB-mxQyMZMOsn9n3kNzbD2AL6gRJ4CL8ME2wex1xfMHfussL2z02VghDarEnOg8RAoZpCI_M6lAavJyLY_EVkrTkTfLx0qE6lu1jnkKEU4Krrwm4cj0M7NhnmiC-8NceqvCn75xIMGBVQk0ijTk89ZgkwEJeC36W8nyhRA2TeR9s8n602kZDlEnYzHH7N-fFYgHJss2Ed6y7Jauk5PMjn4MBKemHKu-LWry7mDcxrnt9d8VLAvXbm2CRajs_nnQbxEx1ru8JkhrOG4trwvroTQvlFD2u6_Lr5fxc0VdmZJxRzKyawvcSXTt--iN7F7F6N-CG6WiKFnjl5608EiUQLu0wzyQ63uCMfnpLuVhA3ODgw6kT-JjGdZaX0Wb-ToCR6DqhwQC5Z5FWSj55mFbX6GjvfjQXTFTEygAqlJiP-fwcndDXgC_K3pigGmvxwzI9kOkD07bZX9mPO4ZxvIDtOB7irCgVRFLXg03W2EYoRb7VS7S5f06LeUmnTnJocd5nD77Qyn1qUgjhMriMgA6GLXjPIdDrrt3OQ2LR3BgqqEtfgOQfsSLbGZFJptZzFO39dLSpMNMqsg6eAU87eBQsfRxH8LkWSSsEMyIWNzLHJ8cIJfcsIXCn_I7MN3xTZfCE4ASjMlfkHU1sPNJvwDmfK22UamHkTk1TsAnSUVA6WcZnQhiJQ0DTBq2dDnZjvvbqWd5mCbhy327l-Rrrw2tnDAOpyIS2ykn_8EyuAMFfpAR0cKyuOFd8wLCQt2dF_6G24EVNGE2bjbJTs0n8X7CVfEQCTlfdlvFt-MdX-HWpT4U65Z0993rph-wS1VTgckDW5P0kkqP7GBfeJlnXMihv0IXvTDjZf6IlCMiThXR8pzG3IkNBHAkypjLBa5Y-voOak8tMuYzm24QDt5sbrq5ehykp-65r39B1R4JxSN6kGQu8usOzVXcVKUu55gp-qb4I2o2m44_waBx08QhQhYNjQGaw7CyIXhAXA3XDE8v6-nbS_RSZQgVBtroggfhuyOpndejdUR_i6Rkua2I8HHODSswmUQOX8Xi2rS528uMb35sVmDq8jAgUiQ7_ePzDx9QJh2Q1AX7KQZXFuevz6_xfaAG3MiclTpS2yPMsOwaJTbYaeHmmqnhbnkSddvIZ07aQR8Ld3KcJV7peMp1j7PgDJHjHOOYYIJT80boJsOW1ZfDr7PBDkVb-_H4Qd6vmIlQoKuxdfron4zIJ7zivPzRvsunWB1uj-PuUAXqLKzOjYG0eNgcyJWjznGz1YrAGNoWYI0U_ORmGHWbuLMhwYzQYXiZl7X_vzQL2yHjTjlnWaybP3otZMrEOAppPEgWFPS5PMnRzblqgmo2bBa00B1-BqyHcd18cCnGnq_Y6poG1X8VnS-EDylN_wvJJfTpaOuz4Hfly2Pv6MYaHUbDn0eh4G5NRuGPM0L_WW38Qq3iX3DuDtYVXjvdH2_OIJtEJCA_4yr0jyP9VhFQBtm5cQg-OuL22BR_7VLQhV416Z2bKs1PJi7ZsFfulWYEidtooypiYNknEnS0brU1hJqShoTDPYJx2HgwJao5TTW7uq7cjBLj9TPfxI-qaO7mZZSO6egGEuFKImmnD7EFOzBkTkrQng96QOdfPy9td-WYaGdTt9i87UkM1jpEyDztNR0U8Ny4ATdUiMqjIOCwP0B14g-DK0h-ksHweGo48b2l7v5-PIimpSrII9qcESpW9kPC39MSGWjlTynuZ0xwJptEXz51LwflnAaQ2KoOcFUpSaykAzp6ydjHbjLoPmceukk9LTIrjzCEe8h1RnmxfgDIEZin_1h4-xniT96-Gs2IF3f4z8dKNpsQJm3aSrKFrfpvpvBmMu9TxIbmsg-TyJWGR6RHCNFfKvQk2dqguIZH3Sh-MRK1IwxU42lfmBDFsl9TTC3jcht9FYHQD1ZMJCyxtn8kfW1nBes2Bg8zWz_AO9mzu5nqzj970f6md88U5uGYAvJShycuoW3hq-gl8eEpV-Fjixd8j1tgYSArt_cuq3HJQAmSxdKVJsf9Wzlr7GzqTLEoKDmjiQXfyDWMzptSdYMZRmTwTUDqz0z3Yi6gNtExk85UdyQTbeVckOmIhO61hip96PPvJ-rWxrL4-BZdRTlZtWEKYXikGoz02ZOFWk-gI8gAoVKfYOVMxreco_gApK2MSiBxvySSzLZb082LrNk-QM5EIuhOiAb7DbbYvjEabS_u43c-chT_p5Qv8YyhmD3n1lrSB7Cd-y3e0iZEB6tKrvxsT95fF4hO3anA7KrLq9t02OXBl3OP_iTxUV71Sd-y90oCxHEQCM7ZZYfi0jwKUVDOuOJRn0sKYxtqYEEZ3nC2w5JEhwyy34kUnv8dGfQwCK9AIfYORK5IUhMsaBl4gNnQtLgCVxa48ljjkTkpQrzmDpBPMrMnT-rEJSHsCe0c05Ua0U9HndCznbrlLVCf8t8LToLuLDpBfQQjgZW5uqKssLVIOerxvRX0rJXHsJvZM-dvBxo9Ak9-ni4B24YurPqNK_EUT_TpM7b-SqpQPunvICBbXbhG-PIsxMUrkuCHZOaQ0T9vji6dtCduYfndsHD9Auk2Qn4pzKHRhAxZvJ9ZsoNssrlh54G6azc1aFCO24eVj-kza7JwbcexrF6a9_cKTyUmty5tKLLQ5J10zWMoFLjw&cid=CAASPeRo43F0N5hxVPhkZYqppq8sN32uGDCwPWWo7hIbcZeeUYJNVa3AVH2H0GHWFCR8piWaLuXCWCafGfGbiSk&rfl=2%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbb90c9eaf5d2c67cce901767f2bcea3cde40b3777b6b208d54ea7ea671948d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23981
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 2E0E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Jun 2021 18:34:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E0E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622806011323838"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:37:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 2E0E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1091097466425408374
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Jun 2021 18:33:40 GMT
l
www.google.com/ads/measurement/ Frame 2E0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQodN3Ot3Lbr6Al4gtd_L4y2S0Pc9UCTZ2FfET2Ty10trkiVhPxE6R8csQdPyvb5fGiQfNY
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E0E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5fmQdWDEnphblql0CCx4fQNCCNGgK6U558XFedAMe1rpPqY-3Oo2wsDMoJNyAoJ2t1BxYuzBNJxWQmhm4lnVe-18UXkz0wu7LEhVCdowG6ib4W2M
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:37:05 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 2E0E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 19:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Jun 2021 19:05:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame 2E0E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHC_sc4lI8C67qky5bGuQ3mk-OruYBRoamcBkA0e2fE9HMPvMqklahfY06BJKD5Np7dlE_xYPa_n7JMrHC_LS7HOz6CnaO8Apc0NmUMtNigoC_72LbPEFHt_BNZJDwyTjd0Q5j3q2dAtm-VHvyEBl-ep5mUw&dbm_d=AKAmf-DQVFOvSrAfQ4WIr-YSVCS_T0jerJY3PFpscRZNfHSCew5hagR-XHyREXYXTCwMTi0JoIClOalae0AXbK5hkJ88IyWtWipS5GRq2jUMlStbspC-fepjOA1GIK7TTCox-UjglO6g5GBNalt94yMRNbqhTpamz2lepidHO-r3_RrKMvXA4ASiN31FL8ZlqOGb6TFs9hRlH-Ux63wBB8Q9jy8lFic_3hEDwYainEmhrIwu9tHRpH0QBofFAsCKmViW405wTULeGGzTT_Mpiz2R1NfMCROPpLOo0p5M0xR3lC0CWnrxB-mxQyMZMOsn9n3kNzbD2AL6gRJ4CL8ME2wex1xfMHfussL2z02VghDarEnOg8RAoZpCI_M6lAavJyLY_EVkrTkTfLx0qE6lu1jnkKEU4Krrwm4cj0M7NhnmiC-8NceqvCn75xIMGBVQk0ijTk89ZgkwEJeC36W8nyhRA2TeR9s8n602kZDlEnYzHH7N-fFYgHJss2Ed6y7Jauk5PMjn4MBKemHKu-LWry7mDcxrnt9d8VLAvXbm2CRajs_nnQbxEx1ru8JkhrOG4trwvroTQvlFD2u6_Lr5fxc0VdmZJxRzKyawvcSXTt--iN7F7F6N-CG6WiKFnjl5608EiUQLu0wzyQ63uCMfnpLuVhA3ODgw6kT-JjGdZaX0Wb-ToCR6DqhwQC5Z5FWSj55mFbX6GjvfjQXTFTEygAqlJiP-fwcndDXgC_K3pigGmvxwzI9kOkD07bZX9mPO4ZxvIDtOB7irCgVRFLXg03W2EYoRb7VS7S5f06LeUmnTnJocd5nD77Qyn1qUgjhMriMgA6GLXjPIdDrrt3OQ2LR3BgqqEtfgOQfsSLbGZFJptZzFO39dLSpMNMqsg6eAU87eBQsfRxH8LkWSSsEMyIWNzLHJ8cIJfcsIXCn_I7MN3xTZfCE4ASjMlfkHU1sPNJvwDmfK22UamHkTk1TsAnSUVA6WcZnQhiJQ0DTBq2dDnZjvvbqWd5mCbhy327l-Rrrw2tnDAOpyIS2ykn_8EyuAMFfpAR0cKyuOFd8wLCQt2dF_6G24EVNGE2bjbJTs0n8X7CVfEQCTlfdlvFt-MdX-HWpT4U65Z0993rph-wS1VTgckDW5P0kkqP7GBfeJlnXMihv0IXvTDjZf6IlCMiThXR8pzG3IkNBHAkypjLBa5Y-voOak8tMuYzm24QDt5sbrq5ehykp-65r39B1R4JxSN6kGQu8usOzVXcVKUu55gp-qb4I2o2m44_waBx08QhQhYNjQGaw7CyIXhAXA3XDE8v6-nbS_RSZQgVBtroggfhuyOpndejdUR_i6Rkua2I8HHODSswmUQOX8Xi2rS528uMb35sVmDq8jAgUiQ7_ePzDx9QJh2Q1AX7KQZXFuevz6_xfaAG3MiclTpS2yPMsOwaJTbYaeHmmqnhbnkSddvIZ07aQR8Ld3KcJV7peMp1j7PgDJHjHOOYYIJT80boJsOW1ZfDr7PBDkVb-_H4Qd6vmIlQoKuxdfron4zIJ7zivPzRvsunWB1uj-PuUAXqLKzOjYG0eNgcyJWjznGz1YrAGNoWYI0U_ORmGHWbuLMhwYzQYXiZl7X_vzQL2yHjTjlnWaybP3otZMrEOAppPEgWFPS5PMnRzblqgmo2bBa00B1-BqyHcd18cCnGnq_Y6poG1X8VnS-EDylN_wvJJfTpaOuz4Hfly2Pv6MYaHUbDn0eh4G5NRuGPM0L_WW38Qq3iX3DuDtYVXjvdH2_OIJtEJCA_4yr0jyP9VhFQBtm5cQg-OuL22BR_7VLQhV416Z2bKs1PJi7ZsFfulWYEidtooypiYNknEnS0brU1hJqShoTDPYJx2HgwJao5TTW7uq7cjBLj9TPfxI-qaO7mZZSO6egGEuFKImmnD7EFOzBkTkrQng96QOdfPy9td-WYaGdTt9i87UkM1jpEyDztNR0U8Ny4ATdUiMqjIOCwP0B14g-DK0h-ksHweGo48b2l7v5-PIimpSrII9qcESpW9kPC39MSGWjlTynuZ0xwJptEXz51LwflnAaQ2KoOcFUpSaykAzp6ydjHbjLoPmceukk9LTIrjzCEe8h1RnmxfgDIEZin_1h4-xniT96-Gs2IF3f4z8dKNpsQJm3aSrKFrfpvpvBmMu9TxIbmsg-TyJWGR6RHCNFfKvQk2dqguIZH3Sh-MRK1IwxU42lfmBDFsl9TTC3jcht9FYHQD1ZMJCyxtn8kfW1nBes2Bg8zWz_AO9mzu5nqzj970f6md88U5uGYAvJShycuoW3hq-gl8eEpV-Fjixd8j1tgYSArt_cuq3HJQAmSxdKVJsf9Wzlr7GzqTLEoKDmjiQXfyDWMzptSdYMZRmTwTUDqz0z3Yi6gNtExk85UdyQTbeVckOmIhO61hip96PPvJ-rWxrL4-BZdRTlZtWEKYXikGoz02ZOFWk-gI8gAoVKfYOVMxreco_gApK2MSiBxvySSzLZb082LrNk-QM5EIuhOiAb7DbbYvjEabS_u43c-chT_p5Qv8YyhmD3n1lrSB7Cd-y3e0iZEB6tKrvxsT95fF4hO3anA7KrLq9t02OXBl3OP_iTxUV71Sd-y90oCxHEQCM7ZZYfi0jwKUVDOuOJRn0sKYxtqYEEZ3nC2w5JEhwyy34kUnv8dGfQwCK9AIfYORK5IUhMsaBl4gNnQtLgCVxa48ljjkTkpQrzmDpBPMrMnT-rEJSHsCe0c05Ua0U9HndCznbrlLVCf8t8LToLuLDpBfQQjgZW5uqKssLVIOerxvRX0rJXHsJvZM-dvBxo9Ak9-ni4B24YurPqNK_EUT_TpM7b-SqpQPunvICBbXbhG-PIsxMUrkuCHZOaQ0T9vji6dtCduYfndsHD9Auk2Qn4pzKHRhAxZvJ9ZsoNssrlh54G6azc1aFCO24eVj-kza7JwbcexrF6a9_cKTyUmty5tKLLQ5J10zWMoFLjw&cid=CAASPeRo43F0N5hxVPhkZYqppq8sN32uGDCwPWWo7hIbcZeeUYJNVa3AVH2H0GHWFCR8piWaLuXCWCafGfGbiSk&rfl=2%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Jun 2021 18:33:04 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 2E0E 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHC_sc4lI8C67qky5bGuQ3mk-OruYBRoamcBkA0e2fE9HMPvMqklahfY06BJKD5Np7dlE_xYPa_n7JMrHC_LS7HOz6CnaO8Apc0NmUMtNigoC_72LbPEFHt_BNZJDwyTjd0Q5j3q2dAtm-VHvyEBl-ep5mUw&dbm_d=AKAmf-DQVFOvSrAfQ4WIr-YSVCS_T0jerJY3PFpscRZNfHSCew5hagR-XHyREXYXTCwMTi0JoIClOalae0AXbK5hkJ88IyWtWipS5GRq2jUMlStbspC-fepjOA1GIK7TTCox-UjglO6g5GBNalt94yMRNbqhTpamz2lepidHO-r3_RrKMvXA4ASiN31FL8ZlqOGb6TFs9hRlH-Ux63wBB8Q9jy8lFic_3hEDwYainEmhrIwu9tHRpH0QBofFAsCKmViW405wTULeGGzTT_Mpiz2R1NfMCROPpLOo0p5M0xR3lC0CWnrxB-mxQyMZMOsn9n3kNzbD2AL6gRJ4CL8ME2wex1xfMHfussL2z02VghDarEnOg8RAoZpCI_M6lAavJyLY_EVkrTkTfLx0qE6lu1jnkKEU4Krrwm4cj0M7NhnmiC-8NceqvCn75xIMGBVQk0ijTk89ZgkwEJeC36W8nyhRA2TeR9s8n602kZDlEnYzHH7N-fFYgHJss2Ed6y7Jauk5PMjn4MBKemHKu-LWry7mDcxrnt9d8VLAvXbm2CRajs_nnQbxEx1ru8JkhrOG4trwvroTQvlFD2u6_Lr5fxc0VdmZJxRzKyawvcSXTt--iN7F7F6N-CG6WiKFnjl5608EiUQLu0wzyQ63uCMfnpLuVhA3ODgw6kT-JjGdZaX0Wb-ToCR6DqhwQC5Z5FWSj55mFbX6GjvfjQXTFTEygAqlJiP-fwcndDXgC_K3pigGmvxwzI9kOkD07bZX9mPO4ZxvIDtOB7irCgVRFLXg03W2EYoRb7VS7S5f06LeUmnTnJocd5nD77Qyn1qUgjhMriMgA6GLXjPIdDrrt3OQ2LR3BgqqEtfgOQfsSLbGZFJptZzFO39dLSpMNMqsg6eAU87eBQsfRxH8LkWSSsEMyIWNzLHJ8cIJfcsIXCn_I7MN3xTZfCE4ASjMlfkHU1sPNJvwDmfK22UamHkTk1TsAnSUVA6WcZnQhiJQ0DTBq2dDnZjvvbqWd5mCbhy327l-Rrrw2tnDAOpyIS2ykn_8EyuAMFfpAR0cKyuOFd8wLCQt2dF_6G24EVNGE2bjbJTs0n8X7CVfEQCTlfdlvFt-MdX-HWpT4U65Z0993rph-wS1VTgckDW5P0kkqP7GBfeJlnXMihv0IXvTDjZf6IlCMiThXR8pzG3IkNBHAkypjLBa5Y-voOak8tMuYzm24QDt5sbrq5ehykp-65r39B1R4JxSN6kGQu8usOzVXcVKUu55gp-qb4I2o2m44_waBx08QhQhYNjQGaw7CyIXhAXA3XDE8v6-nbS_RSZQgVBtroggfhuyOpndejdUR_i6Rkua2I8HHODSswmUQOX8Xi2rS528uMb35sVmDq8jAgUiQ7_ePzDx9QJh2Q1AX7KQZXFuevz6_xfaAG3MiclTpS2yPMsOwaJTbYaeHmmqnhbnkSddvIZ07aQR8Ld3KcJV7peMp1j7PgDJHjHOOYYIJT80boJsOW1ZfDr7PBDkVb-_H4Qd6vmIlQoKuxdfron4zIJ7zivPzRvsunWB1uj-PuUAXqLKzOjYG0eNgcyJWjznGz1YrAGNoWYI0U_ORmGHWbuLMhwYzQYXiZl7X_vzQL2yHjTjlnWaybP3otZMrEOAppPEgWFPS5PMnRzblqgmo2bBa00B1-BqyHcd18cCnGnq_Y6poG1X8VnS-EDylN_wvJJfTpaOuz4Hfly2Pv6MYaHUbDn0eh4G5NRuGPM0L_WW38Qq3iX3DuDtYVXjvdH2_OIJtEJCA_4yr0jyP9VhFQBtm5cQg-OuL22BR_7VLQhV416Z2bKs1PJi7ZsFfulWYEidtooypiYNknEnS0brU1hJqShoTDPYJx2HgwJao5TTW7uq7cjBLj9TPfxI-qaO7mZZSO6egGEuFKImmnD7EFOzBkTkrQng96QOdfPy9td-WYaGdTt9i87UkM1jpEyDztNR0U8Ny4ATdUiMqjIOCwP0B14g-DK0h-ksHweGo48b2l7v5-PIimpSrII9qcESpW9kPC39MSGWjlTynuZ0xwJptEXz51LwflnAaQ2KoOcFUpSaykAzp6ydjHbjLoPmceukk9LTIrjzCEe8h1RnmxfgDIEZin_1h4-xniT96-Gs2IF3f4z8dKNpsQJm3aSrKFrfpvpvBmMu9TxIbmsg-TyJWGR6RHCNFfKvQk2dqguIZH3Sh-MRK1IwxU42lfmBDFsl9TTC3jcht9FYHQD1ZMJCyxtn8kfW1nBes2Bg8zWz_AO9mzu5nqzj970f6md88U5uGYAvJShycuoW3hq-gl8eEpV-Fjixd8j1tgYSArt_cuq3HJQAmSxdKVJsf9Wzlr7GzqTLEoKDmjiQXfyDWMzptSdYMZRmTwTUDqz0z3Yi6gNtExk85UdyQTbeVckOmIhO61hip96PPvJ-rWxrL4-BZdRTlZtWEKYXikGoz02ZOFWk-gI8gAoVKfYOVMxreco_gApK2MSiBxvySSzLZb082LrNk-QM5EIuhOiAb7DbbYvjEabS_u43c-chT_p5Qv8YyhmD3n1lrSB7Cd-y3e0iZEB6tKrvxsT95fF4hO3anA7KrLq9t02OXBl3OP_iTxUV71Sd-y90oCxHEQCM7ZZYfi0jwKUVDOuOJRn0sKYxtqYEEZ3nC2w5JEhwyy34kUnv8dGfQwCK9AIfYORK5IUhMsaBl4gNnQtLgCVxa48ljjkTkpQrzmDpBPMrMnT-rEJSHsCe0c05Ua0U9HndCznbrlLVCf8t8LToLuLDpBfQQjgZW5uqKssLVIOerxvRX0rJXHsJvZM-dvBxo9Ak9-ni4B24YurPqNK_EUT_TpM7b-SqpQPunvICBbXbhG-PIsxMUrkuCHZOaQ0T9vji6dtCduYfndsHD9Auk2Qn4pzKHRhAxZvJ9ZsoNssrlh54G6azc1aFCO24eVj-kza7JwbcexrF6a9_cKTyUmty5tKLLQ5J10zWMoFLjw&cid=CAASPeRo43F0N5hxVPhkZYqppq8sN32uGDCwPWWo7hIbcZeeUYJNVa3AVH2H0GHWFCR8piWaLuXCWCafGfGbiSk&rfl=2%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:34:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8594
x-xss-protection
0
server
cafe
etag
7958287194716579593
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Jun 2021 18:34:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 036E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sci-hub.mksa.top/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sci-hub.mksa.top/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 07 Jun 2021 18:36:20 GMT
expires
Tue, 07 Jun 2022 18:36:20 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
45
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A6C0 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b08b8fc2105b00e5478e0a7de5d92f062655334c69f173ce1f25543b9f942e96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VTMFWf6jsyWdTMqJve7S3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sci-hub.mksa.top/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sci-hub.mksa.top/

Response headers

expires
Mon, 07 Jun 2021 18:37:05 GMT
date
Mon, 07 Jun 2021 18:37:05 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VTMFWf6jsyWdTMqJve7S3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame 8542
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYwq2LqQEwAQ&v=APEucNVGR_1NzrLK5Wm_G2ZbkmwRTdRmGwbUF5IFN82JD4MxhkrLD1RLWbivUeIYsyJQuD2KUYndVQwsR5fMYfZcM-ighndUH6YWC94jWOfkTo1vhX0d3whmnXujTBagimpq5F7pAVSunHEGTwNdGfIlPkfz1nqTSYIbRdxRCcHQNI6Ze_QDqf0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Jun 2021 18:37:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8542
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL5nUWFRPZ2NG7.2zARc4gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYwq2LqQEwAQ&v=APEucNVGR_1NzrLK5Wm_G2ZbkmwRTdRmGwbUF5IFN82JD4MxhkrLD1RLWbivUeIYsyJQuD2KUYndVQwsR5fMYfZcM-ighndUH6YWC94jWOfkTo1vhX0d3whmnXujTBagimpq5F7pAVSunHEGTwNdGfIlPkfz1nqTSYIbRdxRCcHQNI6Ze_QDqf0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Jun 2021 18:37:06 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8542
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYwq2LqQEwAQ&v=APEucNVGR_1NzrLK5Wm_G2ZbkmwRTdRmGwbUF5IFN82JD4MxhkrLD1RLWbivUeIYsyJQuD2KUYndVQwsR5fMYfZcM-ighndUH6YWC94jWOfkTo1vhX0d3whmnXujTBagimpq5F7pAVSunHEGTwNdGfIlPkfz1nqTSYIbRdxRCcHQNI6Ze_QDqf0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:05 GMT
X-Proxy-Origin
84.17.43.131; 84.17.43.131; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid
d3a7041f-be57-495d-876c-1e3f7a421550
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8542
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCoi2UYwq2LqQEwAQ&v=APEucNVGR_1NzrLK5Wm_G2ZbkmwRTdRmGwbUF5IFN82JD4MxhkrLD1RLWbivUeIYsyJQuD2KUYndVQwsR5fMYfZcM-ighndUH6YWC94jWOfkTo1vhX0d3whmnXujTBagimpq5F7pAVSunHEGTwNdGfIlPkfz1nqTSYIbRdxRCcHQNI6Ze_QDqf0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:05 GMT
X-Proxy-Origin
84.17.43.131; 84.17.43.131; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.9:80
AN-X-Request-Uuid
51ff8c2a-eae9-4cfc-89ca-30a8cedb4b0c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2E0E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
URL: https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 15:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98889
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jun 2022 15:08:56 GMT
truncated
/ Frame 2E0E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6374c924a41cff3df9f1111311ca028ef9ac6911794ff75547811b7f2637a22b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032105281634000/ Frame 3464 		191 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bec5f2d4c04b745da44edaf721e56b231f9d08914a11b397d848c40f69d0c48f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
509206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55252
x-xss-protection
0
server
sffe
date
Tue, 01 Jun 2021 21:10:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d4150df44d24ecdc"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 21:10:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 3464 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032105281634000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
496777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
server
sffe
date
Wed, 02 Jun 2021 00:37:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ca56b057322a8584"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 00:37:28 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 3464 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032105281634000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
509206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27321
x-xss-protection
0
server
sffe
date
Tue, 01 Jun 2021 21:10:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3f2374642481d921"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 21:10:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 3464 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032105281634000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
502066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1522
x-xss-protection
0
server
sffe
date
Tue, 01 Jun 2021 23:09:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"514585efdf5d56f0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 23:09:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032105281634000/v0/ Frame 3464 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032105281634000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
509206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13144
x-xss-protection
0
server
sffe
date
Tue, 01 Jun 2021 21:10:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db4e8fd655d0c88e"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 21:10:19 GMT
css
fonts.googleapis.com/ Frame 3464 		4 KB
690 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 17:43:51 GMT
server
ESF
date
Mon, 07 Jun 2021 18:37:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Jun 2021 18:37:05 GMT
css
fonts.googleapis.com/ Frame 3464 		4 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 16:50:13 GMT
server
ESF
date
Mon, 07 Jun 2021 18:37:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Jun 2021 18:37:05 GMT
truncated
/ Frame 3464 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
447e90fd9f2e15e0f6327bb7f1db05270648ce924a8c8e8d801fd5d8d47d38b3

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
kFhMrQaV6chMbrISdrANWhUGFALOFWcp3j7Naa-SUUbREIB9GWEy6dhk6aZE7ucPDcJukDV25uQ7ZFN-pmxSJYYplbdUR90=w1200-h1200-rj-pd-pc0x00e9e9e9
lh4.googleusercontent.com/proxy/ Frame 3464 		206 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/kFhMrQaV6chMbrISdrANWhUGFALOFWcp3j7Naa-SUUbREIB9GWEy6dhk6aZE7ucPDcJukDV25uQ7ZFN-pmxSJYYplbdUR90=w1200-h1200-rj-pd-pc0x00e9e9e9
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5eaf9bb5a7cff519a02c444a6a24eb8534d3c630b6bfd2dd608311cad7799940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:05 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
211073
x-xss-protection
0
expires
Tue, 08 Jun 2021 18:37:05 GMT
10454751186257448899
s0.2mdn.net/simgad/ Frame 3464 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10454751186257448899
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1362270a37e40f6f8fa39aac7697ef003592cb23eac2a6b68775105462a627b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 04:25:01 GMT
x-content-type-options
nosniff
age
483124
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33464
x-xss-protection
0
last-modified
Mon, 17 May 2021 07:58:58 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 04:25:01 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3464 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkGzjjccM5QFpfQgIaFX-6Qi77M5J4wssRmYhZMgcPd3Taq0Tu-FnnB2bp5NXdLmGylCN3ufBniZc-5G9ZSEvcMBweNJOABUGfcSUxRJTZP_BL5QVnwriimuuc9QxxorgkcvDp4wd7PzG_Ld60UKFbU12cVQ&dbm_d=AKAmf-Brw1YjRJLIAmeHlFVVJfet2F2ExxXQ0dOprOUzlU0z8uXeWMrEbYwKzhwJ3B0AvsImRjuMWrSQSw4o8pP07tWBCc-mmA6f6XqspNA6d0PSjpU3ejEdMWhD9hj9tNIecLUkVo6IqQYjfcR2UbreWaxzTsLypNhHEhot6qltnGo70Pp9phR2JeSQdhxGN_obN4g0GRQNr-4JW_xq1vG5fzbTH0qFv_2rwORPIZEyBG-S3bP4ROCJon6Y71WHLbennFyX9Zw2ORjU3ay98-WSc1sSoYx-NdJb41___1Y_NzH64mnSqDGf-UW8I1AIz-PYEb_4VoQrFqvw5yHkcoefB6i69N-pmaN53e3inl7SQVKjeMjTTVpPupPtQ4RfYXeZ_Ktypkd6byzq-HhEwlEUfezThu7luAy5hnf6Ro_vhBO4YKb-Yumx3_4cMyltHljyusqnZ8bA9beny1-bjojXUneZbvh02h6ti4Nis5N3bjAlmXl1HyZqDlXFt94Kc0YvFkcWlxZJIz4Y8mqHDj7RnClm5Y2sho1Qx82KzQTtNxtI-gH-woSA7bK4shaB-VQOtWjpJs5hk2EVLSuVVsT0QZk3sV0F883Vveo_UdgqPRdjCMbcFHIf6WA6OcFu-9gt1iNmSzz9V35uXybw7JcNdrThVjgXS_EhSsbPZnu11ZNz23tk1bebQK84xE5HrdFnQNn0OP1GLi2JyfwI9gpBjmw9UHQyXtBUvInetZ2EnpmBuhmpqlQXLTwA4SFAi6t2FbMIll4em5D91sNgvvdwMnv58MEA72kBjSjQ5IhlOKbbmJ08sYGCksOgmMo3rN9sYGksk7M6iXA0bzARJ7awevMspAjxunnok4VPBra_3543dMBQdSiRi85EgJLDeeb99I7ZvMgadDhm95J92So6SjQxCwSOCnXw7IyR8vVF3k8alaA6fWwrlF_UuisKkXAKT60TXqMHKkyHupSj-qjyuTbLPe85u13zrdLd00gN1n9pqimkVz4ApFQAOxvG98MFqCWqpUhRuWKuaLwqxH8qIXwFHpSILr1C0puET7FEHhI6BmtPUxF-qEagZkewh7iUb6ttmxzun7C5BvMFulvK76a2wFeo0wYnt6CYEkCq6jXc3hLBuPlfHZT_WtovX0Lly2g4yst8qaW81tveOcsDV2-jQNW3idzeNYTGfK8g7eWVdDL-o213uMilwBUacjyE7zqJPchvVQRUTROCEBP8alKOGNwoOqbiag_09-UY6nsA2yhhvcvwyJ1f8UehB1UeEE5XxEcTvb0FvidkzEfDYBpgTAxOaSSJtNG__68dYlt4Gv7Lv8SHtUxUQthuFf1yFozMckeMOPc1huNGfCI1dCkTxQey1FJnLTMvk8777GBRn3aIJl4Odrqf7ahp-uo9RUpDGWm7TtTX5F-RnBNAIZ4qS89XwvhaQuNVaG7FNHwe9IP0QZJmOchpcMkdC6vv8i3OqpS_Alnu8P_3Lo67mOYIbuPS_fkhSoRRPdrp-c5f0eoj8XlDNbtxxejt_bZr3o3-FXlIwM2wBeYKmKi2ymZwYp8BftbiTa4-QS3NL0LS95zxH9uOW0fQO0RT5e09JgjB15IjnlMASjqfeKheSMqq5WkvvIVMpy4LbiWPQNekBBxnFu98SP2b4XF2DrAYj7Grn2Y39UqEHrmwTbh7bp4bugyBvc6lhrQC2rS54V5HDzrWa5izQ2fv7oAUlayfSLQsju_W1G34GLEQhWDKOyJPe-3FVE_8KqHd1p0V-Zy-UNOMppdbectxp3GaPr-5jQ-nZwso5gIa_KRsmLHgn1Cl0Jvhm3yvDf89p8TMjCoIZD4eBrT559JbZ7AS5-hDQ8e68o-Rj8wRGD4bYq9kAFkjqbP26M4KIWAclJ9nwFbzJ3C6dRWlNo76QuRDIydfK6-zjVn3SXbHMH_u7UUYfro-ihsRq2hkHqzmzNpXv9GtEwC9w7WFPUWU4Yz_cgi1XwO1Lo_JzvYs4nE8aMBsYoBhTd3RORL605pOGKXtkBpXpyZBjX-vudcueDLFaQ5GvSIZC217YrEdG7bJod8JUsKi4nLRnmGMdi79aggOiVILsiQfkSBCac4mEkxKaqUG_XtC6Uw-0SgnvYpEgiU_rJsczrKu8prCfpd6pN0Cd7bjPk9YNNj2tvf8oBjr6ZuoCyiHRSp1MrkySNRzVLaRty_l6bKBgttkhCbsTzO-L7CxlYtItIDGvArDVuPOiNVqEU7bagFZAXb7fQQeUhQ7g0yUyFA328XhG0vDxP7SHx9hAteJrKkvmL0WAXSkn0iU1JYHIR7IknqAsnTI9ALILCWVrDJJwESgphUF7jjZUj91BDZHvevAvMvnc6n9DA217QUWhNQ2g3VqSfpEz6uaKbywKvfJ1kdAYw9eo6lk0yFpP-eF47lPzlWJ4Y-pmq_vxxu2FOKEFDYMghKAErBT_dgMReDtJ0jk3kvxL8Vz0QEL6Pz7bLYNnlH4jgUBDC2725CHC2PUegkQIiXHz2bcA7Cuuv2wxeTH7_iDIZ70ISiCMElS8LVxQDnRrBGl2j94UYH0NauegadCeon_mm9S_Kv3_TEOoIJbllpOReOx9R-pywBOJFQ0frZIZIMFb2A_xJSSr26LnwfmV65trPmGjW6Pmx6uDX8bPKAJD3tWJqeqFEL3cHgpE12q5eknqa5A416pXjwX1hkNBsBB_K_UvaBS1w40FoqFTRM9ZueXlngda8USWyF3-owiQgZxEQexgxPI4iiHtsc3wGVe8iVoBYty3NAUwg1JhlAuySeFrLCmxk4B-hCHojekvzPWoNcZ0_obWfoKpp0FMyJlIaozQS_2Wn_LcYihZnuJiX7m2b-0U8d1p-OoYzOCcyp1xni5Q_7BdXe7AWKfbTQuMCdLulqmu7DX0yrTIj6SXlure6YBxyyuUzjQuod2zRbzgxeZvxAsHSUFn1vU02c5SLlBuZuE1f6AbOIPpCEutfKnSruqJBut3bln8SZbRQz1IedLnrVRpQ_gR_QUx_ppPYBjmqRLY5lX3U7J-kbjReKGab6qTD5nrX2p4g9ZMTGzNV595gJaQ989zaT1f0T1dynKTJwN1Pztmjw26oHsEVx5Sx_vuJkNJDTvVNaK1sr75vwNiszD9tNG9cH0eOcUUShIvnJ9t-HZ-hrFb9WAmaaSKV4NBAuGcqCTsWKQ9eRC4ynEV0hPY1nqIfaJ1cKQYKisk6YtGi6eJz9ACqyjA_TknOxxFeQwYCJEZ9GiCe6Resz5ZW_d97jo0N_8uSDx8VmNoUduC5pxY_JtkqIfYhhHhN8FtUKYIlmoFQNQ5xEa40IXkdiQWlyzN6cqNaiR-DAPPQE0CfS22HrvitNmbhRMmJOl82Bo3Lcjd40QnQOC2P_NLCLaf0zmU3Tn_-ENdZbEMjf26bYdUdAGc9LGUrfPFVuDjTt7KuukM8IV4nMLA22nwl02yTglx9iX_DIQ0In_PcVxR1k9r7QP2W92V0o82oD8KIidSzG2ZUuABW-9QuyfXrom8YoF4V-Uf2BvACc7wv6THxFBBtH_kw3YdrtwnjVPDeoQyo2UldhGY3g1SAQqgMEGKdJ6Z9ruTw1IQExabfRHK8i5cWR8e56USwU218rh7UPHIrw&cid=CAASPeRot14n1ShXnNzCOnbWZ2NF1iFpcthDnpjnkIUaA10GEapmT38NgMpOgcA1F2e_5VwADhuUHoVp2OVIf6c
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
mmtro.com/ Frame 3464 		48 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mmtro.com/i?tagid=6572614-638f6d8a1331abf1db459f551b6e0219&idc=118499&rtgdsp=dv360&rtgoid=20169751&rtgpidc=&rtgaid=ABAjH0g-rmIaWpyY_-FmFRkWjDWa&rtgseid=&rtgcpid=51136452&rtgcid=355452878&rtgexid=1&rtgpid=1&rtgsid=980029729630&rnd=1623091025625845&gdpr_consent=&u=https://sci-hub.mksa.top/
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.66.82.41 Paris, France, ASN197205 (MERCIS-AS, FR),
Reverse DNS
mmtro.com
Software
fdb141453c85e6bc89a824a70a7bfd71a273b947 /
Resource Hash
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:05 GMT
server
fdb141453c85e6bc89a824a70a7bfd71a273b947
p3p
policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI"
x-rid
60be6751e19db8245ed445cb
cache-control
no-store, no-cache, private
content-type
image/gif
content-length
48
expires
Wed, 23 Feb 2000 00:00:01 GMT
/
laboutique.commander1.com/v3/ Frame 3464
Redirect Chain
  • https://groupelaposte.solution.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=im&a.si=322&a.te=221447&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ra=[RANDOM]
  • https://groupelaposte.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=159933&a.A=im&a.si=322&a.te=221447&a.he=1&a.wi=1&a.hr=p&gdpr=&gdpr_consent=&a.ra=[RANDOM]
  • https://laboutique.commander1.com/v3/?tcs=1491&rand=163677&chn=DisplayConqueteTrafic&src=NumberlyDisplay&cmp=2021_BNUM_TF_Mobilite_Trafic&med=&pub=&crtive=&vson=BNUM_TF_MOBILITE_PART_ALL-DEVICES_Na...
  • https://laboutique.commander1.com/v3/?firsttime=1&tcs=1491&rand=163677&chn=DisplayConqueteTrafic&src=NumberlyDisplay&cmp=2021_BNUM_TF_Mobilite_Trafic&med=&pub=&crtive=&vson=BNUM_TF_MOBILITE_PART_AL...
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://laboutique.commander1.com/v3/?firsttime=1&tcs=1491&rand=163677&chn=DisplayConqueteTrafic&src=NumberlyDisplay&cmp=2021_BNUM_TF_Mobilite_Trafic&med=&pub=&crtive=&vson=BNUM_TF_MOBILITE_PART_ALL-DEVICES_NativeAds_REEX-jour_TRAFIC_DV360&fmt=1x1&adgrp=&sem_kw=&aff_id=&aff_name=&url=
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.47.207.212 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-47-207-212.eu-west-3.compute.amazonaws.com
Software
web /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
private
Date
Mon, 07 Jun 2021 18:37:06 GMT
Content-Encoding
gzip
Server
web
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=486000, pre-check=486000
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html
Expires
Sun, 05 Sep 21 20:37:06 +0200

Redirect headers

Pragma
private
Date
Mon, 07 Jun 2021 18:37:06 GMT
Server
web
location
https://laboutique.commander1.com/v3/?firsttime=1&tcs=1491&rand=163677&chn=DisplayConqueteTrafic&src=NumberlyDisplay&cmp=2021_BNUM_TF_Mobilite_Trafic&med=&pub=&crtive=&vson=BNUM_TF_MOBILITE_PART_ALL-DEVICES_NativeAds_REEX-jour_TRAFIC_DV360&fmt=1x1&adgrp=&sem_kw=&aff_id=&aff_name=&url=
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=486000, pre-check=486000
Connection
keep-alive
Content-Type
text/html
Expires
Sun, 05 Sep 21 20:37:06 +0200
adview
securepubads.g.doubleclick.net/pagead/ Frame 3464 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUBujUWe-YLWZJs2BjuwPwIGaiAqGr_n9Yt3iouz0DY2A5LbrAhABILSj7n5g-_n8gogKoAGIvq24AcgBBqgDAcgDCqoE5gFP0Pp6K33b0vU6Y1Rhg57M9bQi4tG0XbkPBSyT1Adj02WJT3pLalOkDVr0w9BqdNqoXSLlbnDKEZ9z3FmkqwJSh6bJ0MPkYkHeUbpHA6P3-pHvdT5LqkwBBEtQb167yNgTfbm-lN7EwR2ifbIheLZ6B_VCmeGnzomGjwy0-ZU1W3pO-Rfvqd4aWq0dDlrDWYz8Ftr02NkAeKvqt7CPRf7zau3RYffpKqilt8ZaOOfVStscep27_y3jL2YeCTrQ3wD7hL_dwPI-x5WrxTnZ5_W26Jg0WiZ87VXMWIQVKbCBL0sBtrz5ucAE-7HXscsD4AQDiAWU0I2KMZIFBggDEAEYA5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AH4MHSxwKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAfIHChC-gBUYzo-_qQHSCAkIgOGAUBABGB2ACgPICwGwE5za1gvIE9vL9twD0BMA2BMDiBQC2BQB0BUBgBcBshcaChgIABIUcHViLTcwMTUyMzUxMjA5MTU3Njk&sigh=xf-o4q3WImU&cid=CAQSPgCNIrLMpHjGvwx11DOb8jST-_Cw6mq4dbOqb6-jlE5nYIkdGiXNZ93Pk0U9vzTjxlPliw6H9HDdnbq-Br41&template_id=509&vt=10
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 3464 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3VkSDK6z568RAvte_qaES8fBMOeBZuC_EokfvvLKrI0byfaA_d6gKWbR7s5aAsimpCDrF
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3464 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 06:09:32 GMT
x-content-type-options
nosniff
server
cafe
age
44853
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 08 Jun 2021 06:09:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3464 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 06 Jun 2021 20:37:24 GMT
x-content-type-options
nosniff
server
cafe
age
79181
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 07 Jun 2021 20:37:24 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1F8B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 06 Jun 2021 16:42:16 GMT
expires
Mon, 06 Jun 2022 16:42:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
93289
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/6772535/1621337138387/ Frame 65B6 		86 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/6772535/1621337138387/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d5ec527dd900924fe70f46d875af0533fd13377acc2ac28f2d923932a3167dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/6772535/1621337138387/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
21386
date
Sun, 06 Jun 2021 23:36:22 GMT
expires
Mon, 07 Jun 2021 23:36:22 GMT
last-modified
Tue, 18 May 2021 11:25:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
68443
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2E0E 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvtitNvCLpwEp56JIgClMr90OELmsvSvT0H5z0hUg3svDBIDwLR0S5XVloPkOfHfXS6NN2rTekxnphERsJ6DbeC23mIME8icoweOg-rkPMS0qUSEw_15erI-vCRTZqxGKJWFJGpucd8e8G1DPm_GQC54foV6PmBCgTg-_0OWzCfQ1CyVbAfh1iCe9TVXvQiQJAsX88PO_DvoYoBgXNGz-s8R0PZ-_a7XZKnA0TlEHvGmAz_1QBAnj7_GOqDUSPxUolyTR9b4NA8EJaRI6-JGmy9oQWfIqrEhtQ4x_Ln7Q_a2uyJxniBi_iT6R7KuqpZPqXvvivS9NmF9TYt_KTopJl013RQXqQS-TFTGK2uQJJY9WA4HnR6na2f-HADNxhQ-pgE7Y5e6DG6tYrt7he2wJF_hrAL9xTn_tEfUMSiuYM_3_taywzl8M7olKKIW1_T1VMi6PJ1Y6sOY_RaLfELX8gecOYxq3R0JaJIn2phvBkdlGfxnmPinOel6irX8YcPd9S5O6KG27WWP90TRDutjV6Rq9JBhP17v4arsJuiNXvl7ZQ9W6VTxwYs3pwEcB1WYCuOnvgYSjV5WcjE18JfXD_BSDPz7bhj1M4hmyF0WrmtY4dnUYR9WpNvnBXSwPpPZDQ1ef_3RQBAW4HZr3rvqWyMXffWrlC6fY68-SMEp8u3ID_O7AVjxtjw0VezP4T28-PYVRBsUYoV07DXJwedB1LCtjYTlCU06vUSUwSr4GydDCnsyJjoTeAqTEycrlwZ8fzF7pj3olVIkeG6lF4kbUfg8ygC5czysEHdtKWz8uat8SSr0h560K6DXDmwk0avkYKNVrM4SfpLDYPR5O9m3gSyxMEeQk8Nrs9Cds3hw1lLmOrr72ha5nX7cP22DI1CEhlYftXmVr1w-16_carlYsGurJe7qxEYFMzRh5hKn2f1kvppt9c7aOHrqGVkjM6sL7zP1j20_na5ALkoYcT7OtD4hR7oDi-dXip0hAoFiKiSl1jxFiL1Mjdcb2bMMSrR_LvR13sGPxBjijFpivrmhfFYlD-i5qMnQxlx3mDbZdhqinIx8KLto4vwMXTOvZMd3L2TiUfQQ-IVCQpoJDLf8VdnsGjzsm2zJSTRaGw_TL8TBVEm0Qg-L6y15nt5AcnbQ04dhdjImiLY4t4R7HYn_7GNqUC-tfrYwqSXLa1xJzbixhbLMZxLkp3KLrBbBMagQ&sai=AMfl-YQx_bQpKLeTeUybQIRRsV0hH9lpWpGhjNX9vwM-s_FBfOANEGdoAex2IiajViAIQT2B8vHGeiK-q2_ERC-7OXtEECv9mDUYBKcBoaq3h1Hbk95zw0xTdG6ZLayaFHnM_wVnF7NUnbx4_WQNQOE41gaK16DNIMk14bCB4yvEhqxzWoXHDRMe5zEM0RyovebAdyo3r1SyERCc3y7z5Z6FawNWSVE5GChIyMJuWyui9CItBqj3mMwA5Qgop6ATUIsi&sig=Cg0ArKJSzONw4Md5lWmiEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&cbvp=1&cstd=165&cisv=r20210601.02617&adurl=
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 07 Jun 2021 18:37:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3464 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://sci-hub.mksa.top
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:19:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
497847
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:19:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3464 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://sci-hub.mksa.top
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
554611
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3464
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
css
fonts.googleapis.com/ Frame 65B6 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6772535/1621337138387/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffe7c3d559780b916266217b3683f10a7edbc655d5e11149a36e6f74af8fc68f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 17:44:55 GMT
server
ESF
date
Mon, 07 Jun 2021 18:37:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Jun 2021 18:37:06 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame 65B6 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6772535/1621337138387/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/6772535/1621337138387/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 21:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Jun 2021 21:19:17 GMT
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame 036E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
1437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 18:13:09 GMT
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame 1F8B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
1437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 18:13:09 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 65B6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 16:46:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
525036
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Wed, 01 Jun 2022 16:46:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2E0E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvtitNvCLpwEp56JIgClMr90OELmsvSvT0H5z0hUg3svDBIDwLR0S5XVloPkOfHfXS6NN2rTekxnphERsJ6DbeC23mIME8icoweOg-rkPMS0qUSEw_15erI-vCRTZqxGKJWFJGpucd8e8G1DPm_GQC54foV6PmBCgTg-_0OWzCfQ1CyVbAfh1iCe9TVXvQiQJAsX88PO_DvoYoBgXNGz-s8R0PZ-_a7XZKnA0TlEHvGmAz_1QBAnj7_GOqDUSPxUolyTR9b4NA8EJaRI6-JGmy9oQWfIqrEhtQ4x_Ln7Q_a2uyJxniBi_iT6R7KuqpZPqXvvivS9NmF9TYt_KTopJl013RQXqQS-TFTGK2uQJJY9WA4HnR6na2f-HADNxhQ-pgE7Y5e6DG6tYrt7he2wJF_hrAL9xTn_tEfUMSiuYM_3_taywzl8M7olKKIW1_T1VMi6PJ1Y6sOY_RaLfELX8gecOYxq3R0JaJIn2phvBkdlGfxnmPinOel6irX8YcPd9S5O6KG27WWP90TRDutjV6Rq9JBhP17v4arsJuiNXvl7ZQ9W6VTxwYs3pwEcB1WYCuOnvgYSjV5WcjE18JfXD_BSDPz7bhj1M4hmyF0WrmtY4dnUYR9WpNvnBXSwPpPZDQ1ef_3RQBAW4HZr3rvqWyMXffWrlC6fY68-SMEp8u3ID_O7AVjxtjw0VezP4T28-PYVRBsUYoV07DXJwedB1LCtjYTlCU06vUSUwSr4GydDCnsyJjoTeAqTEycrlwZ8fzF7pj3olVIkeG6lF4kbUfg8ygC5czysEHdtKWz8uat8SSr0h560K6DXDmwk0avkYKNVrM4SfpLDYPR5O9m3gSyxMEeQk8Nrs9Cds3hw1lLmOrr72ha5nX7cP22DI1CEhlYftXmVr1w-16_carlYsGurJe7qxEYFMzRh5hKn2f1kvppt9c7aOHrqGVkjM6sL7zP1j20_na5ALkoYcT7OtD4hR7oDi-dXip0hAoFiKiSl1jxFiL1Mjdcb2bMMSrR_LvR13sGPxBjijFpivrmhfFYlD-i5qMnQxlx3mDbZdhqinIx8KLto4vwMXTOvZMd3L2TiUfQQ-IVCQpoJDLf8VdnsGjzsm2zJSTRaGw_TL8TBVEm0Qg-L6y15nt5AcnbQ04dhdjImiLY4t4R7HYn_7GNqUC-tfrYwqSXLa1xJzbixhbLMZxLkp3KLrBbBMagQ&sai=AMfl-YQx_bQpKLeTeUybQIRRsV0hH9lpWpGhjNX9vwM-s_FBfOANEGdoAex2IiajViAIQT2B8vHGeiK-q2_ERC-7OXtEECv9mDUYBKcBoaq3h1Hbk95zw0xTdG6ZLayaFHnM_wVnF7NUnbx4_WQNQOE41gaK16DNIMk14bCB4yvEhqxzWoXHDRMe5zEM0RyovebAdyo3r1SyERCc3y7z5Z6FawNWSVE5GChIyMJuWyui9CItBqj3mMwA5Qgop6ATUIsi&sig=Cg0ArKJSzONw4Md5lWmiEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=350&vt=11&dtpt=181&dett=3&cstd=165&cisv=r20210601.02617&adurl=
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
TS2020-Online-EN.png
s0.2mdn.net/6772535/1621337138387/ Frame 65B6 		631 KB
631 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6772535/1621337138387/TS2020-Online-EN.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61024309a5732eda4017f81dc2f248c787e997c2b23a93afdaeaf03f49b7a5d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/6772535/1621337138387/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 18:38:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 11:25:38 GMT
server
sffe
age
86310
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
646446
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:38:36 GMT
BitdefenderLogo__2_.png
s0.2mdn.net/6772535/1621337138387/ Frame 65B6 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6772535/1621337138387/BitdefenderLogo__2_.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7946de430745c3c02e8186bbc5860343f4f5849cb52998b83552459a90c63856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/6772535/1621337138387/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 02:24:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 11:25:38 GMT
server
sffe
age
58370
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55059
x-xss-protection
0
expires
Tue, 08 Jun 2021 02:24:16 GMT
container.html
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EE7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sci-hub.mksa.top/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sci-hub.mksa.top/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 07 Jun 2021 18:37:05 GMT
expires
Tue, 07 Jun 2022 18:37:05 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 68BB 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQrePsnQIY1-_clgEwAQ&v=APEucNU1xTIMGJt_XVw5TQcO2sTCR8eGrSIlST7hoLzqs-8JVDWfkNoAsMRrdjG_20Tjdh9k_gicrwZr14m7hbovaCO-kg0KWDwF_dNbrC5_USPucIqXxbfAI23RfgoEhmk5rE5PVEsHposh_xJlBvscuUN5gERljh-3aYT0-nkNhg5wPDBZt9w
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJnsxgIQrePsnQIY1-_clgEwAQ&v=APEucNU1xTIMGJt_XVw5TQcO2sTCR8eGrSIlST7hoLzqs-8JVDWfkNoAsMRrdjG_20Tjdh9k_gicrwZr14m7hbovaCO-kg0KWDwF_dNbrC5_USPucIqXxbfAI23RfgoEhmk5rE5PVEsHposh_xJlBvscuUN5gERljh-3aYT0-nkNhg5wPDBZt9w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk7Zm4bIb49QMBJd2uqWYve-0JyHZUlD_XyMIFBu1sSPOeqqFxz3BUwtloCFkI; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 07 Jun 2021 18:37:06 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 18:37:06 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1512 		10 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKVoi-f429SQgV792BRVyrgjEkOvrHz40BSME_KWdM-AUdcnvcZkdMjJhDt36vb3m24h9-79xell2DtPIFaZKy7IYCllsYSgT5SjekjgMBy9fPsl4BpNhiiEWjlvAq4P9blfmQNy-fbsuh_4MriWidTWwj4g&dbm_d=AKAmf-BGhixMJROiulwgrW07iPcsCvvxyfnkf1ycxWlyI7EOWMzT2Nn7fVeh1W8rt17IIsdw_baQH32rICG6ckdP9wyYVlkEUTmjWZyakoHIUUrFQHugOj2YFn65qcGMzA8HBHvwgQI5QLDDTkMn2yM6gVWE-WEGdi7d0KQ1l1Y9scUwejNUw4OjGfwrLEHWpouwKYFNkmIX655FtfQGYFvCPpdbLaUfektqI_Wce7GjgUOticplpURQFUz-C6uM4xctWjRa3MxkecEIDbuUbfq2vnMK32fHWOclN21BbEnQrI2jV-QwigEF2XuDC31i-BKJYftcSOoYJeMVkX240kxIgd1NIkDKxtQP-9pbmciqtD6_Yu7mLRhwKu9_cdDsPY4rITapV-HjYHAJCT3gN_v6noHD-NEsYmM7lmKPwsX0ZriRwyVfs1q8OwaNbMDgwrSmwRdehBResWx1ut1wbRoQYjD1-pKmfOmjYGN5j2r9IxBPBKRuHcvasPAN74lS48GK3U7eXTrcJB2fbEV1EaheRmXW_w7naWKvD31ZjcxYFUdd7XvoCIgcx0JRocygAeEG-GzJ9SUKMUN9KNmPsD8hPlxTBkYeS38uPErCT_rZiZbzKUWcv0a4zxn3oyu3Lo8aNqizoXkmVhdP0dRlC3pMAnyOFv3boUeHLR2-LiWm_UTta3Te4OSTboIW1ood1PykiXLh5CT8yf8v4h84nxkvqlxZJyI17VgT1DIJSigIlSJenk6NOrOkSqOfFuojAGzRpWv50bqyGe-fJlsObwJmVMPHSjzjqhiGpRIWl9CLINjR0lECNlXheUhaqkf9GgQgFL_xZOskcWvfjgC57-kFssFU8vjCfgI-L_x2NGmbAtmY9AFuOyYRKPexQZrLz_YGUJveaKjMCfNQk1_dbmyLIvfjzqovrRHGdWw2JX16wPKgxcF_cyQ9dTTKJ0JTsgNv8Bw2BENPbAePdAHwWneDJ5YG3-nnWg9cmUrWHv3Cd-tD7QwaTQlsaWkEQyAqFHoRfgLubwJBQJvOYzdjD5H7LAYjbQ30H5_sTm9-aG5Pog-icQYg6YNlvqTaSUCAU7NouZ16qbMPRNieowzKFKaadAhjACRuV6nesgbaNncRLTALsGtclQONSw-_THqqFeSA-YZ-glmIxQL1SUDs2JjzfyVrUbQI-d_mdnZNO64Aok9NPIo7qcjjC0DiRsr7olWlyRHSMdfdsXnVeuMPBt-Vk1-7RAhsKxBy_jjnu_p9oGJK39i3ey4C6JFOdsyCeNL1RxH_qAwm_sM-o-acV8WAC1lhrCI0-JfTAFWjt7j3PXUnQrfkPvy4cxz9PR2I6GNfH9zR3jsIXUKiqYdYHeTsTEVyZqCVjxbxffluf0EMd5cYJFWkw3W0a1J_g_WH2S9Km80741U2o3_13r7DsVFeiKc0CgZM4LbzIKWC4N103vymmX-fYN-g9UNilKLtuTh-pPU_rY3pwX5rIcqUNta4jbhiPw0TgjnEAqup6f2vkIYCxxgq_Isw1a_wVUpG-zXurVd_CcZBShQKL5YI4nKi9bqssKwj-XZ6wmHUybQIfoPYHIbDRIb5gC3xe2lHZP-fZ0NplZTSS3IqdBElbUkGgKmpCtLSepyfdgICMtWOFRNs8sqhBGuI8e_40Y3fW11ILvO6F0bw5k5SSHwgCsyzepl8jfwox3tGPzdm62YnkIlwQJ1cI_1RkjCYDgv9MpheCPNkyGGBDbuo_6nK1_ol2vVVcI-BSlKkSAV5ewPJ6zAYTczn2WMovPYAXRB4-NJ5FNx_9jMftu06kHGcjEANeeLVwul3iRgF8QHKhCSS1k8gQwRHyb0PH8KbRenzj2plPC4pmYnzkUd2bcU2d2pWvazoa4DrrIl37U46DwjQ-VMFYkgt6r56gquzbWgqQ-KYtDTbBAxSKxqGJV1wqvLU7Ezmghq6nMQVXmLROmVuhcy4sfvMgfMLU5onKZ_6E7A9j7N--SEL8TyPNf2kMhZgsUGTqjblQmwiMnCypM4A2lKjSWYmbQA-zkFvnsVUl29CVaMUpsBq587RmJY95vY3Ka75fCoKJEd1uZVqq6woLnLCRFQAYWwDJ0xrRQa6VBsLO2cNGIQLbnj_KSaWCZcmog9BNVjWplXlNMpR7d7R4mNXNBeL8ZyojvKbGir_XbgDK5TLpjPedhV71yN0MtK3UZ6dIg1YeDK3alxPXAU-aOo-chNuG0HOYYEm4ErzoaVXKBqNXXAGLGiGqUj2nFdUXfpm7k5iiXFkmrjFdDBXAII-v2_5m3LYsjv7GxOr-EmnkkrKqkhwjC5DtWcV8n81BCemLm9QqwEKw4sRQHpQq1NEzII-u-wvsxmW_rddIimwOHwD_6pnlRwKHBZlTScH00n1Co5bRR6QSGAwOsKS-5w6YEA_bpdlN3-hU1ahl89qPq968MIJw2shZxaP-zu-l55afbcoSU3DUR6x4qs9NcD1TqVjM1lusFRZ97hvtLJ847clnPNjVTuVgaY-GylvnCP6kTVzlnO8W8mDjl8WkJ2NzoLfg_9lfRY_ncysbo0TCfI3foEXXxVrgwCtkQ_9RoNd4WgqgvcOc5aDYAcpikwXHXqRymFSpMICZAfiuIz93UtLkh4pOtZA9deoMtc_FXUzwAY8_fvm9gaK21jF5z6tKq7MSQRs4CzyVwaMMXRkZrTIXSeS7bGoGgf6ozR0szAz1kM8Sm5hBdMFm_EKVB_GD5yZf1RROhdgW2N1ARXklUOqF7xHSd8nA8ZYVnuHmYKPKuga1weiZyWH53FBmVBo7RbcB1jNKb9o-PihkSZCvUaL8vRQfH1KOYpvU9hoK3fYQPJZn5FyMVWGybPUCiS8godbg6M95CCaz5d-aOZvXc8kXcIafLWUDh5B1MuAATwPsGPX-awq96rAjtLLFWqJoqPIrOozmxSyU7-b2ZNXD86qUj50ALAJp4eUNGTi9Gxz5mek-In7WjLjvV8Ku_68SaQ1X4s-AEc1nQkkaIpPz1m5bEjD9C9Sq7_H6XZjq7jJ0Yiw0GXQ2IUMujRCReEByIm3mDel71A9Sh21KCBN_N74F4IDkQShyGitEwYOqRi29WngOqlaMvbZYiLv3C46Wv2gpEfojrMVEljU458gnvrmNs6z&cid=CAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc&rfl=2%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee49cdca95dcbdf9105b0d523ba8d868e4180288130b245b164d91164c8e985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7896
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 1512 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Jun 2021 18:32:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1512 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:06 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622806011323838"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:37:06 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 1512 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1091097466425408374
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Jun 2021 18:33:40 GMT
l
www.google.com/ads/measurement/ Frame 1512 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJXvyJNkepgl_Pviy28bPOWYPaJkuj9_MAxRmbxoA0qep4nrkbyl2DndeXmOnyblMG4rU2
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1512 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CgTRAeczjXu8-VJhOLiEFMOL2Q4PVc5KxcEgLWEulWMh20CSHjozPFnT7-ZbG82BNR2an73ekxFIRBJZEx4je1pC9KT8pgOUh-TV2rgAlnknkUH1c
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1512 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKVoi-f429SQgV792BRVyrgjEkOvrHz40BSME_KWdM-AUdcnvcZkdMjJhDt36vb3m24h9-79xell2DtPIFaZKy7IYCllsYSgT5SjekjgMBy9fPsl4BpNhiiEWjlvAq4P9blfmQNy-fbsuh_4MriWidTWwj4g&dbm_d=AKAmf-BGhixMJROiulwgrW07iPcsCvvxyfnkf1ycxWlyI7EOWMzT2Nn7fVeh1W8rt17IIsdw_baQH32rICG6ckdP9wyYVlkEUTmjWZyakoHIUUrFQHugOj2YFn65qcGMzA8HBHvwgQI5QLDDTkMn2yM6gVWE-WEGdi7d0KQ1l1Y9scUwejNUw4OjGfwrLEHWpouwKYFNkmIX655FtfQGYFvCPpdbLaUfektqI_Wce7GjgUOticplpURQFUz-C6uM4xctWjRa3MxkecEIDbuUbfq2vnMK32fHWOclN21BbEnQrI2jV-QwigEF2XuDC31i-BKJYftcSOoYJeMVkX240kxIgd1NIkDKxtQP-9pbmciqtD6_Yu7mLRhwKu9_cdDsPY4rITapV-HjYHAJCT3gN_v6noHD-NEsYmM7lmKPwsX0ZriRwyVfs1q8OwaNbMDgwrSmwRdehBResWx1ut1wbRoQYjD1-pKmfOmjYGN5j2r9IxBPBKRuHcvasPAN74lS48GK3U7eXTrcJB2fbEV1EaheRmXW_w7naWKvD31ZjcxYFUdd7XvoCIgcx0JRocygAeEG-GzJ9SUKMUN9KNmPsD8hPlxTBkYeS38uPErCT_rZiZbzKUWcv0a4zxn3oyu3Lo8aNqizoXkmVhdP0dRlC3pMAnyOFv3boUeHLR2-LiWm_UTta3Te4OSTboIW1ood1PykiXLh5CT8yf8v4h84nxkvqlxZJyI17VgT1DIJSigIlSJenk6NOrOkSqOfFuojAGzRpWv50bqyGe-fJlsObwJmVMPHSjzjqhiGpRIWl9CLINjR0lECNlXheUhaqkf9GgQgFL_xZOskcWvfjgC57-kFssFU8vjCfgI-L_x2NGmbAtmY9AFuOyYRKPexQZrLz_YGUJveaKjMCfNQk1_dbmyLIvfjzqovrRHGdWw2JX16wPKgxcF_cyQ9dTTKJ0JTsgNv8Bw2BENPbAePdAHwWneDJ5YG3-nnWg9cmUrWHv3Cd-tD7QwaTQlsaWkEQyAqFHoRfgLubwJBQJvOYzdjD5H7LAYjbQ30H5_sTm9-aG5Pog-icQYg6YNlvqTaSUCAU7NouZ16qbMPRNieowzKFKaadAhjACRuV6nesgbaNncRLTALsGtclQONSw-_THqqFeSA-YZ-glmIxQL1SUDs2JjzfyVrUbQI-d_mdnZNO64Aok9NPIo7qcjjC0DiRsr7olWlyRHSMdfdsXnVeuMPBt-Vk1-7RAhsKxBy_jjnu_p9oGJK39i3ey4C6JFOdsyCeNL1RxH_qAwm_sM-o-acV8WAC1lhrCI0-JfTAFWjt7j3PXUnQrfkPvy4cxz9PR2I6GNfH9zR3jsIXUKiqYdYHeTsTEVyZqCVjxbxffluf0EMd5cYJFWkw3W0a1J_g_WH2S9Km80741U2o3_13r7DsVFeiKc0CgZM4LbzIKWC4N103vymmX-fYN-g9UNilKLtuTh-pPU_rY3pwX5rIcqUNta4jbhiPw0TgjnEAqup6f2vkIYCxxgq_Isw1a_wVUpG-zXurVd_CcZBShQKL5YI4nKi9bqssKwj-XZ6wmHUybQIfoPYHIbDRIb5gC3xe2lHZP-fZ0NplZTSS3IqdBElbUkGgKmpCtLSepyfdgICMtWOFRNs8sqhBGuI8e_40Y3fW11ILvO6F0bw5k5SSHwgCsyzepl8jfwox3tGPzdm62YnkIlwQJ1cI_1RkjCYDgv9MpheCPNkyGGBDbuo_6nK1_ol2vVVcI-BSlKkSAV5ewPJ6zAYTczn2WMovPYAXRB4-NJ5FNx_9jMftu06kHGcjEANeeLVwul3iRgF8QHKhCSS1k8gQwRHyb0PH8KbRenzj2plPC4pmYnzkUd2bcU2d2pWvazoa4DrrIl37U46DwjQ-VMFYkgt6r56gquzbWgqQ-KYtDTbBAxSKxqGJV1wqvLU7Ezmghq6nMQVXmLROmVuhcy4sfvMgfMLU5onKZ_6E7A9j7N--SEL8TyPNf2kMhZgsUGTqjblQmwiMnCypM4A2lKjSWYmbQA-zkFvnsVUl29CVaMUpsBq587RmJY95vY3Ka75fCoKJEd1uZVqq6woLnLCRFQAYWwDJ0xrRQa6VBsLO2cNGIQLbnj_KSaWCZcmog9BNVjWplXlNMpR7d7R4mNXNBeL8ZyojvKbGir_XbgDK5TLpjPedhV71yN0MtK3UZ6dIg1YeDK3alxPXAU-aOo-chNuG0HOYYEm4ErzoaVXKBqNXXAGLGiGqUj2nFdUXfpm7k5iiXFkmrjFdDBXAII-v2_5m3LYsjv7GxOr-EmnkkrKqkhwjC5DtWcV8n81BCemLm9QqwEKw4sRQHpQq1NEzII-u-wvsxmW_rddIimwOHwD_6pnlRwKHBZlTScH00n1Co5bRR6QSGAwOsKS-5w6YEA_bpdlN3-hU1ahl89qPq968MIJw2shZxaP-zu-l55afbcoSU3DUR6x4qs9NcD1TqVjM1lusFRZ97hvtLJ847clnPNjVTuVgaY-GylvnCP6kTVzlnO8W8mDjl8WkJ2NzoLfg_9lfRY_ncysbo0TCfI3foEXXxVrgwCtkQ_9RoNd4WgqgvcOc5aDYAcpikwXHXqRymFSpMICZAfiuIz93UtLkh4pOtZA9deoMtc_FXUzwAY8_fvm9gaK21jF5z6tKq7MSQRs4CzyVwaMMXRkZrTIXSeS7bGoGgf6ozR0szAz1kM8Sm5hBdMFm_EKVB_GD5yZf1RROhdgW2N1ARXklUOqF7xHSd8nA8ZYVnuHmYKPKuga1weiZyWH53FBmVBo7RbcB1jNKb9o-PihkSZCvUaL8vRQfH1KOYpvU9hoK3fYQPJZn5FyMVWGybPUCiS8godbg6M95CCaz5d-aOZvXc8kXcIafLWUDh5B1MuAATwPsGPX-awq96rAjtLLFWqJoqPIrOozmxSyU7-b2ZNXD86qUj50ALAJp4eUNGTi9Gxz5mek-In7WjLjvV8Ku_68SaQ1X4s-AEc1nQkkaIpPz1m5bEjD9C9Sq7_H6XZjq7jJ0Yiw0GXQ2IUMujRCReEByIm3mDel71A9Sh21KCBN_N74F4IDkQShyGitEwYOqRi29WngOqlaMvbZYiLv3C46Wv2gpEfojrMVEljU458gnvrmNs6z&cid=CAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc&rfl=2%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 15:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98890
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jun 2022 15:08:56 GMT
as.php
nxtck.com/ Frame C530
Redirect Chain
  • https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgt...
  • https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgt...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
Requested by
Host: 290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
URL: https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.47.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
109.47.211.130.bc.googleusercontent.com
Software
adserver-ga-6966f9dbd7-82mwr /
Resource Hash
ce1c180fcc5e1356b1bd093288f3074aabb3d5355801e6121023debddbedaf24

Request headers

:method
GET
:authority
nxtck.com
:scheme
https
:path
/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tc=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/

Response headers

p3p
CP='ALL DSP LAW CUR DEV PSAo PSDo IVAo IVDo CONo HISo OUR STP UNI NAV'
server
adserver-ga-6966f9dbd7-82mwr
x-robots-tag
noindex, nofollow
expires
Tue, 01 Jan 2001 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
set-cookie
uuid=d3d34fbd-1cfa-4298-a24e-77778c47172c; Path=/; Max-Age=31536000; Expires=Tue, 7 Jun 2022 18:37:06 GMT; Secure; SameSite=None
vary
accept-encoding
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 07 Jun 2021 18:37:05 GMT
via
1.1 google
alt-svc
clear

Redirect headers

p3p
CP='ALL DSP LAW CUR DEV PSAo PSDo IVAo IVDo CONo HISo OUR STP UNI NAV'
server
adserver-canary-57cdc5f69f-8m7cx
x-robots-tag
noindex, nofollow
expires
Tue, 01 Jan 2001 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma
no-cache
set-cookie
tc=1; Path=/; Max-Age=31536000; Expires=Tue, 7 Jun 2022 18:37:06 GMT; Secure; SameSite=None
location
/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
content-length
0
date
Mon, 07 Jun 2021 18:37:06 GMT
via
1.1 google
alt-svc
clear
truncated
/ Frame 1512 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e1a4876595d2a8b156e5f35a3437c69285336fe5c1415647152263dcecb097c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 68BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQrePsnQIY1-_clgEwAQ&v=APEucNU1xTIMGJt_XVw5TQcO2sTCR8eGrSIlST7hoLzqs-8JVDWfkNoAsMRrdjG_20Tjdh9k_gicrwZr14m7hbovaCO-kg0KWDwF_dNbrC5_USPucIqXxbfAI23RfgoEhmk5rE5PVEsHposh_xJlBvscuUN5gERljh-3aYT0-nkNhg5wPDBZt9w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Jun 2021 18:37:06 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 68BB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL5nUWFRPZ2NG7.2zARc4gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQrePsnQIY1-_clgEwAQ&v=APEucNU1xTIMGJt_XVw5TQcO2sTCR8eGrSIlST7hoLzqs-8JVDWfkNoAsMRrdjG_20Tjdh9k_gicrwZr14m7hbovaCO-kg0KWDwF_dNbrC5_USPucIqXxbfAI23RfgoEhmk5rE5PVEsHposh_xJlBvscuUN5gERljh-3aYT0-nkNhg5wPDBZt9w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:06 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 07 Jun 2021 18:37:06 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP8hGNFoQUAglNLrrbdokGc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 68BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQrePsnQIY1-_clgEwAQ&v=APEucNU1xTIMGJt_XVw5TQcO2sTCR8eGrSIlST7hoLzqs-8JVDWfkNoAsMRrdjG_20Tjdh9k_gicrwZr14m7hbovaCO-kg0KWDwF_dNbrC5_USPucIqXxbfAI23RfgoEhmk5rE5PVEsHposh_xJlBvscuUN5gERljh-3aYT0-nkNhg5wPDBZt9w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:06 GMT
X-Proxy-Origin
84.17.43.131; 84.17.43.131; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.59:80
AN-X-Request-Uuid
9ee61025-02d7-4c90-bd88-fe834c2445b0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEP5VZIj1-sMAQYNVIVA_Ezw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnsxgIQrePsnQIY1-_clgEwAQ&v=APEucNU1xTIMGJt_XVw5TQcO2sTCR8eGrSIlST7hoLzqs-8JVDWfkNoAsMRrdjG_20Tjdh9k_gicrwZr14m7hbovaCO-kg0KWDwF_dNbrC5_USPucIqXxbfAI23RfgoEhmk5rE5PVEsHposh_xJlBvscuUN5gERljh-3aYT0-nkNhg5wPDBZt9w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 18:37:06 GMT
X-Proxy-Origin
84.17.43.131; 84.17.43.131; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.204:80
AN-X-Request-Uuid
3e339351-e026-4604-852d-45b3e67e27be
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODkwMDM4NDUzNzcwNTYyNjQ2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 725E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 06 Jun 2021 16:42:16 GMT
expires
Mon, 06 Jun 2022 16:42:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
93290
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060201&jk=1440873008213555&bg=!ERKlElbNAAY6sG-_OrA7ACkAdvg8WtC9GsAcRRxun1PjBczkXy0stcxTOMD3cDYZKBLHU-czLedq4wIAAAEGUgAAAB1oAQcKASFDDFx325OnEuwqMlLA1svIc6GkhiOWplWuQJkSCYr8xPeNXiRSIGsK6EKunzSx6ruPVGdfvj_7S2GISOzNvYhAPwa-NtxUs-75XZDDymDUdRXrkV7IIjvKK_RvJXBsE_X9mLo2ApbR910cJioT6g-016eDLFNLruH1enmK2-QLLqN79eO082Co8sqARgWV9oGRU57dkuaqBvJs55_BnKfpKqogoqDobYz9dh3uWeKZNrSnfLgN5Ml_6-6brjHKvcfr1awY7NpNKLhpyDSZKOAxgH4xaOy9WX8VXjt-dd5J6x7aXJMYMeeCuR_PydKqCL6jBOt2-BC_jhk63a78Nymt_hWNEJn0gIxgxskvezBSx09SxdhA5QLqFbh7suYSucFymQI3s8BHjIrH_ihxoZt24J98pfwOUwl545rAuNJyXWPJH1pFdKUpLbA1Va5GW8jPVGQ_DQz68WPEZrHJUFLSi2bX-m9MjxbkQEJqJ0Ic-YExVbPbYE92CDknIQkpBXkc-7lMknd0sz7y-jersRwsiS92bPnCpX1eWKkpKEVqJ7ZX8ABxaFHXLvDFY2Ngz3mBR_0dITmswz9uhi-brInIJqIYzk51SIVEVdh_qDqaf4wF4wy1k062JAM2_B-xclzw__z3oZIT2oa4MttCSnbyJo5ivoF7V_WiJ5ejN7QpOHOikw2rC47OohbaTmPpd1-DoHgeeiwrSEq-ZPu18TxJKi8Fv1Abgx1g34RWTAQXxeDgW2fnfIJIyoCi6rUkFvr0UKclhHcdbPgDNR3rrDnLoFZmkplyc49MfPqZA_x2FZno4K7KIwsMhb5ovt02P8fUuHyaV6gcLwIWdOzRARuMXLjlT5bg7JcJU4EY04ngZ1zrm5XJfUFFZGbrp2Y9kkve__JFAPevmWKakQJoxbbOhOlKREYI8AZhii4ufM02dVcpzqeDnokf7XLfmqHm0A-x0HTi1-4WzJq5wYWf5-jZKcOk5lPfFq-EH7EKm9taeLr1h2QAmS7WW2lcdvY6QP8UbLCxQJmmqJeGTwyManqQbWRmUxBf29TWnrcEv0TouH_6M2wUnkwv1kqas3yQfZWH7fjpBgBqD6ZuTerhBNRqZYfKHiRpm9Mx28ZBzM79uF0-yQckyz2lgU22
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame 725E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
1437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 18:13:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F8B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZNylUWe-YMCnKoXk7_UPvPipkA0AAAAAOAHgBAI&bg=!VFelVxPNAAY6sG-_OrA7ACkAdvg8WqtB7FyGNYVwjZJMOl-hDsKyLXMzL1BgxbhfyEpgvImxyuHT0QIAAAExUgAAAA9oAQeZAuLUINIPhARKCXL_fML63wMAbzwOCWBMA1hDwvqmqC2aqnEMGPl3IibLUbhUwQbDCEktUAf1BV_yB6U7PzFSD-C-FMFNtPA17AcVDTQKEtrh2Xnjh0mBuEIAOfze7ydP3FOlc4H6_BEICYvLsC1Dz-F09FXTwOGOWraxXiimHBEuKDCJyL4pvjw2ltPE4PP50lepGEQbANLYVWAF3dkdpxxHc5AagQkBzIehbQi4wDj2hqljPlTKivoQw6fLWukqjxPQYtV3PCsseMmj4Z9DkEMWp-VoMBeqY0kgQPXDDPb6PzMqlZv9KJyTNvDruCHypPO07AQREtJjWvxUuKEr-ZlCnMMpFBXK83qo5AfgVn7IVGge1jX40qLLoVg8Rhqn_PHHiFfYLhKnt6GpkvJpep-gSn_My_WtBpIzsNbiFIvmBvJhHjKq19C_Dcm5Q-x3bI6CPcdNQVxMwE7-mvIuYbde_lp2w8EsMQLqiv9RcmdAQuCBIkZM1t4KxhgRD-aBOehx0Pk3_h85qanq05u-a7SunZ5bP-KzuJztl2YgbOO2jB2fEG-oUvA8pRA4_y7NDZiF_yG8SYo2AXMZyP8sYSpZYpesRK_SYwOolEote39c5a1csZKRLkcQ7n2ZsTgqhRAcrtja8xi4vr4KROWVjoiYZzsZtMn7jX-O2jFn8QCKCMwrxYrhbp87enwlFryBwA7fw1rGDDUX7SM19fTdPWw_Abbj9mlAMX4l3zpgLNIsdMrgkclyI2_vsxFPIX2j5npz30PYqwG3oLsOdy-TiVMvnueEpLnEen_mbaLEkmnQsrTZbakPB4wIQ84Esa6haps1R1a3RvUrJpJnKE7yICQ6eQ5yXhaVTugzefhaQj6VDDVLlQ0KqXRNLICSIBE6kcAN7rmvaBv-GfVda_db3jLFb9X_UsWAVS77mLjrFWddaMt9ORLPMzS525myM9sUsltQJVTyvWFIfTvU8O2nMXIsBBQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame C530 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46a7c53d9c799f561bc6866a6a5a9a5bd52343b12cce788bfe28d812ea49e5b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nxtck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3800
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 14:20:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Jun 2021 18:39:55 GMT
rm_iab.js
cdn-ssl-as.nxtck.com/iab/js/ Frame C530 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl-as.nxtck.com/iab/js/rm_iab.js
Requested by
Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.167.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.167.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
77dd7a6ab6c5b70535f944b314aefb2139419836cfcac9d57f765fc7c123b82c

Request headers

Referer
https://nxtck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:06 GMT
via
1.1 google
last-modified
Wed, 14 Nov 2018 22:57:04 GMT
server
nginx
etag
"5beca840-a1b"
content-type
application/x-javascript
accept-ranges
bytes
alt-svc
clear
content-length
2587
impl_v73.js
www.googletagservices.com/dcm/ Frame C530 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v73.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b3e2cf988f8740842a124c2812f5b9dd9d1c6aa7b2aaeb4247ce73e313a22d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nxtck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 07:39:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15487
x-xss-protection
0
last-modified
Wed, 02 Jun 2021 17:36:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 05 Jun 2022 07:39:56 GMT
B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads....
ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/ Frame 4526 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
a1f97caefce9ba7026b2a47080d185d2c6c87124b3ded26b1a23f3944e8963d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nxtck.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUk7Zm4bIb49QMBJd2uqWYve-0JyHZUlD_XyMIFBu1sSPOeqqFxz3BUwtloCFkI; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nxtck.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 07 Jun 2021 18:37:06 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
19504
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 725E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEXibUme-YKGWE5Hu3wPk7r7gBwAAAAA4AeAEAg&bg=!HR6lHlrNAAY6sG-_OrA7ACkAdvg8WpALVLihZosSXxYey3VjrKB_03M5iMAdkJFDdhT0ps2NO_7yQwIAAABwUgAAAA1oAQeZAueAzcfee97buZnW3O75EIPVzlSUIWQe2wkM-RQWnhs9rJHFKq3xmJgfu5lfoa_i0QJhqzQHsLoTIG4qBhihgS7ZDdETQiBaQ3Nf1fXCQPik2kY-5paUXLWxvKd__4-rcYsDSXrJH9MlrkbwjvNROPcq0jc0nLcgUwMqxP93x4qcw9nc20sV3pcEZZLAnO2hER3pYB_bCeBD61wGixzPAPefa79L8ZftyEeJDXuki_f3fkmB6VA96_K9KMKoABXE_r9qBy0epKOduc-EQVi1HTP5LmoKbDhd4ZYb9zavzoGRHmDQe63n0ZehQJx2emhDER0rxgVkD8b0Z9uB9mRAuxbpSaADAMaqlr8I2HYkGN-NP6up_c22nwPNzje5kPPdPLv5AydKMhFLmxzXQHu2qeVC_aPfkmgF1NN2Pc-AOrFNlAHc96blPORX8mQ_xivVobro_Ie7PZUS7eYSUtq0vrbDt1C5qGinE8tfqRhPO8m8_JPt_TPqT5fGPQ73cd9EePNkG7pzFGx-4lKAqgvEtjpiQr8IPhlgm2iZ1yO4hxlkygjIwvuAwnWRMHp4tjpj-urw3_KkiaxCIswkcxYmE4rpnVY16Tyr7EhmOQUicNscTugbCaubn5DSyVL-JNRp7tnW8JkSQk-l5vpjHfUH55XYzQx3NXxchLRWk0gFFzT_u9g2aF_4LEFJk_StlDWVYmR-hcp60ZG6dSq_ReYtEshJd2VfTqwX6II1_muQyVG2aGkvyZrGOQV5584miLn8uw24sNxSVTUSUnpUhY4P4z5r4NeQ5D4kNv8Isf2GJHZZQHMxVY2Gn-OIj_va9MfZ_fzpjk9-wt5rcx7X-TjIEwB6pMoW0_72Ew9hiWGhsVtucUYNhBzhpPwWwlfLd_gPH48H8eC_a3p4rI7hYWKJa-Duk7K4E-rC004JdWMGFtUT2Eoy5j_k5UDs8ETvohQKSoDo0fJbjiFfQsuu4rsbM90BU0mtdjB8SA
Requested by
Host: 290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
URL: https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OBA_marker.png
cdn-ssl-as.nxtck.com/iab/img/ Frame C530 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ssl-as.nxtck.com/iab/img/OBA_marker.png
Requested by
Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.167.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.167.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://nxtck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:06 GMT
via
1.1 google
last-modified
Tue, 02 Oct 2012 09:47:13 GMT
server
nginx
etag
"506ab821-cbe"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
3262
OBA_en.png
cdn-ssl-as.nxtck.com/iab/img/ Frame C530 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-ssl-as.nxtck.com/iab/img/OBA_en.png
Requested by
Host: nxtck.com
URL: https://nxtck.com/as.php?if=1&zid=56367&cpid=23227&cb=1623091025808448&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3D&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.167.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
126.167.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151

Request headers

Referer
https://nxtck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:06 GMT
via
1.1 google
last-modified
Tue, 02 Oct 2012 09:47:12 GMT
server
nginx
etag
"506ab820-108b"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
4235
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame 4526 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Jun 2021 18:33:04 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 4526 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ad.doubleclick.net
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 19:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Jun 2021 19:05:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4526 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 15:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98890
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jun 2022 15:08:56 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2994 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 06 Jun 2021 16:42:16 GMT
expires
Mon, 06 Jun 2022 16:42:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
93290
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4526 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:37:06 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622806011323838"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Mon, 07 Jun 2021 18:37:06 GMT
index.html
s0.2mdn.net/9693237/1611151990508/ Frame EA4C 		43 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9693237/1611151990508/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc2666cab0b3633b292f872b528529e4e96637d2a93e7dbc9b89e786a686c6af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9693237/1611151990508/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
13952
date
Mon, 07 Jun 2021 08:22:39 GMT
expires
Tue, 08 Jun 2021 08:22:39 GMT
last-modified
Wed, 20 Jan 2021 14:13:10 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
36867
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4526 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuewxvWqo6qzkZjlZRK1SPTHn2y0nTEm72fxhqruMts9frGJX3pCrvJoZXvZZFIfJz_AJ_Nh3SfZHx9e1Fet-0RX9imFWec1MRANKfNisp1Po_Jcgo9xeLUi7gWvaDBDxRPh2wRQTrJ_R0w4RIKIfCuOkk2ub1cv7QN8qeR4SU&sig=Cg0ArKJSzAW2-BOcy22cEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=35&cbvp=1&cstd=33&cisv=r20210601.00273&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame 2994 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 17:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jun 2022 17:40:27 GMT
logo.png
s0.2mdn.net/9693237/1611151990508/ Frame EA4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9693237/1611151990508/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9693237/1611151990508/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c1380e5be52b90accb5f5329b2f3c4adc335df500c43b63a48f204809b7f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9693237/1611151990508/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 08:22:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 14:13:10 GMT
server
sffe
age
36867
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3115
x-xss-protection
0
expires
Tue, 08 Jun 2021 08:22:39 GMT
text_01.png
s0.2mdn.net/9693237/1611151990508/ Frame EA4C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9693237/1611151990508/text_01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9693237/1611151990508/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2d0c1f2fdba47c0681424e4ddb23815d6671e1f5b14b7e2ee3d64e098c4184e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9693237/1611151990508/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 08:22:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 14:13:10 GMT
server
sffe
age
36867
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3867
x-xss-protection
0
expires
Tue, 08 Jun 2021 08:22:39 GMT
text_02.png
s0.2mdn.net/9693237/1611151990508/ Frame EA4C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9693237/1611151990508/text_02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9693237/1611151990508/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58aee178ebea3287f137a29cce7c93b31bf15853d4e9c4b40b89780fafd3f48f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9693237/1611151990508/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 08:22:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 14:13:10 GMT
server
sffe
age
36867
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9630
x-xss-protection
0
expires
Tue, 08 Jun 2021 08:22:39 GMT
text_03.png
s0.2mdn.net/9693237/1611151990508/ Frame EA4C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9693237/1611151990508/text_03.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9693237/1611151990508/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5bddaa73f3de6729f08fd0a1385bbcd109bd8fa6a877dab20d47f385dfca10e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9693237/1611151990508/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 08:22:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 14:13:10 GMT
server
sffe
age
36867
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7499
x-xss-protection
0
expires
Tue, 08 Jun 2021 08:22:39 GMT
cta.png
s0.2mdn.net/9693237/1611151990508/ Frame EA4C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9693237/1611151990508/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9693237/1611151990508/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81e0d602126ecb5035db57aeb898c2fee841baecc9ed8d7c3f89ecc912fb3e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9693237/1611151990508/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 08:22:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 14:13:10 GMT
server
sffe
age
36867
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2058
x-xss-protection
0
expires
Tue, 08 Jun 2021 08:22:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4526 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuewxvWqo6qzkZjlZRK1SPTHn2y0nTEm72fxhqruMts9frGJX3pCrvJoZXvZZFIfJz_AJ_Nh3SfZHx9e1Fet-0RX9imFWec1MRANKfNisp1Po_Jcgo9xeLUi7gWvaDBDxRPh2wRQTrJ_R0w4RIKIfCuOkk2ub1cv7QN8qeR4SU&sig=Cg0ArKJSzAW2-BOcy22cEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=72&vt=11&dtpt=37&dett=3&cstd=33&cisv=r20210601.00273&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1119185.152785NEXTPERFORMANCE/B25214695.294017284;dc_ver=73.216;sz=300x250;u_sd=1;dc_adk=1436647555;ord=ozbtk0;click=http%3A%2F%2Fredirect.nxtck.com%2Fww-redirect%2FWwRedirectServlet%3Fp%3D1%26clicurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTPDUUWe-YICsMbWYrATs1KnoB-jZ-shiwrXEvJsMyqel-ugOEAEgtKPufmD7-fyCiAqgAYW3uOIByAEJqQLeJUCuYmi0PqgDAaoE5gFP0H4Xzk-XyEal2Uxc58O7wbp8dTgGfVqntl1qbSl30tYQ1XEFb-4w6yqdEEO6Z2JXknvxZvUsj6n1bZY4Lreb1cmV66v4ogVMbI2jBKWUCE0HlKxRtxDs0u1bWRhCflw7rYSPPX0V_qTPiXLwQ7xbvz-6XRJwu8GVK6xl0msG6qaOa7Y7umvKgtA8a6Nf14o0xl0xyIKYJf7BRqIc-iJ-lzdI3R1S1NKLbtslNAI0segqV6s18f6J67_QUcXv2k8gBkmU8V2rhgjx3_U_rD48b77aUx44yTnFx7RiSHIH65__37cMhcAE1qWPs6QD4AQDkAYBoAZNgAfjyMedAqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YBQEAEYHYAKA5gLAcgLAYAMAbAT88rcC9ATANgTDdgUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASPeRoF_fzevypJUrOWm1FQnvmxkPQflRRJZx6uE_yeaul5CpVdEKXPn24iGaAwCcUssS4GYeXYEjr53GS8rc%26sig%3DAOD64_1OEywgGfgy4GobTkN_EowMXb2qEw%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-BpraKmv2U1Qc1gvAX7ZQni-9MDOvymhOXjcvcBRRPfRxp1cTcz4nqM0mjqd6KbfXpOZfhFoIKIvPtyfr42Q3ScE6u-zR4Y1_hXUZJ2HmDPubHqthwSDqnLKfLndytWzhq_09T3CnxOJ9OGFpegNv7OK7hQCQ%26dbm_d%3DAKAmf-CRzjnK0LDBzijm07WNPYwDZKfWBFY-S7eHiXwR_kcT-lJNrJB0GgzVmvFKZSkaBXCXirNVnovfg54CBsKfM9RrHR6h9bD2jsLp6OpVMFPAg-qWPItsf-TnjtH_2LWTBmPPBDWknMoWNHRSqHbDuYGCAe40HwwWCnLXkSmavTgEmlRuNxKp6KEyC1vgQ0rr8_EOy1-r1ImNwS84BwDK_0dz1IJUIdWSIrQJ9lkEIT3ZsxW_SSCWssW9jbqiCjn44S9Zfamac1BBCkC03-0QJjAa7e-KlhNDiEwC2SUFl1sgmFzFT0U_ATqFv-EeMI3tSctIJngBjtZWYh_cWRd4iOVpD1OFDQ9pyj92CqFZr_MjOz_TAsHUaIEWvBm5D7aKuio3k2qpOUUrq7bKmWG8RaFn-0LajTdRbar8pejEYMlqxQOeK1oJ6NdfkOaeH9o4zOLrUPwYjzi-hMF1CUTgP62IcndnFg%26adurl%3Dhttps%3A%2F%2Fnxtck.com%2Findex%3Fclk%3D1%26zid%3D56367%26aid%3D581962%26ev%3D75873%26rid%3DhS06rIGc257GqnMO%26sid%3D565077872%26uuid%3D7dfbef88-2a58-4040-bcdc-b92b376cada1%26ecr%3D%26referer%3Dhttps%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F%26c3braK3c%3D%26P0uWe7tE%3D%26rawloc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fsci-hub.mksa.top$2,,https%3A%2F%2F290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=aPtg1jpoub;osda=2;sttr=32;prcl=n
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E0E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSMVRfhKTcL1Yc6J9lnfi85vVUqGcywJJmArcHNPz3lHR5pjE3Ye2lcGCTD3jKsGi4mfkc4gxj0xGKrFZogkVzlDFShBTySgwt4LdJPJtpNYlR75VsbjaQaUBE2w&sai=AMfl-YRUF7yhzeXn5Jp3BfXOv1CbEOB4EsnHbvxhZUbGSeey1w_oJ5o7196CcxLEZ17TyYE-9O9XUhYDo8ViOfPQzt7iitX_OpW8nboSTefovlyULdnHMdTzfYPw0SUJmW8&sig=Cg0ArKJSzCPf2af1myUbEAE&cid=CAASPeRo43F0N5hxVPhkZYqppq8sN32uGDCwPWWo7hIbcZeeUYJNVa3AVH2H0GHWFCR8piWaLuXCWCafGfGbiSk&id=lidar2&mcvt=1006&p=900,315,990,1043&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210604&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1836978441&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623091025661&dlt=13&rpt=178&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2994 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6qIVUme-YMP-JtnE7_UPy6yDQAAAAAA4AeAEAg&bg=!FhWlFVHNAAY6sG-_OrA7ACkAdvg8Wk0VyyGrMzi6Nhcy6zzDquIy2Vk06WW1fMH_qn_A4hsWHMaZtAIAAAB2UgAAAA1oAQcKAFBsxKm8T93jeN1T2pC1fkYsgyC-AbJBC0qMiHOF7znra6ik7I_aBA-7mIrbSvGs7WizjFFr-pD7pMJ-NCPqk0VKlOtUfhS_CY5ovvAO3elzaZkDBxdmwrgrRLXgNOVsf8AshmiZa494D3gOvKIO-dm-jb8W8aw6RMpWsv-6Uu4yeDAFzTQ5PrqO9yDu6Jd0e6fL8Wm73zmf-9A37SbqMYnJNUGMztW-o4-2IAcQ4nd6yRdlpKJpC1lGEfEI5rhKuMotnFwLZNxfvyl-9Eoz7m4VMZz5zQz_TiuimeZ_Z9v9krH_tIjcPUBZD9XAUer1E6Bu9VEReRCRmwJj6whFQRX4PeEr5I3iVqZpjOsA_9Odunuz26BwXZfLU6-g3qpPwv_WQq8Kaype28umSGW0WQU39L1-GGGrzvz0WMMVBnP2TcQbRBROy3CYJyMUDbplxy0g5DToQpdOJhCCKjagqfEXRtnK1V0M2H3XiYNHRd4YdeF1vh-4oXZb-K07qxlDouqyMU1hlBxUPjEqQHK-YwN8matNY93nhtLqrvJXmFaI1doz02MKY0DrAp3ZXWqQjwoHt8dWeWE16hpllEed6ubgajq3FO2MN4aJm8M8vZQRFg7qqTnWPnAqrRXKMQgrjikK2xgsM6MbJ2f_lIMw5qH7ykXL3Mur6nT5l_JabsC07B33YK4plXLhJcKVGfaPuFp2ixoL6aWjhRsxEULPEZWgj8KBqfjP0Tj4wzrNfIQA4Barszw7_s43gRZ8aG9togKKUfGXqZ0JjqNDzgeqXaT5eAqwyUevFltsw3ibBCtfge2ZX478bXD1T4qoRP6_UaFABHp95cZq6dnOzBa0Akd3W-KXXdRZW_bHuJ0Dm5LIZCnuvoa9-LFGmE0BMOmfrwd51ExEVV4E0qOWBL4m0wj1H1Bcj2_09CsbDV7-wR0wCa5qe4v59hWHhoPK11bh6mgyTHPyX8uSlukDj90C81hwJ3iLVha21hPBpY0oKH_mZrCZ836hu1mpcfHYyEU8eJIqQ0S8XolujZcmcrzATnitq1Rgq4ZZ80vTfZZc7t0U6foqSw6SdsJF7RAhzAiuQXZ-71GO9MvpDgTYeBMNiGTbQ0ScIt1_xxSsrT0KZfMqnYZgyv8xeRPiCD0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIgJSZoJWG8QIVBfK7CB08fArSEAAYACDLwYpIQhMI-oryn5WG8QIVhLp3Ch1hoQKI;met=1;&timestamp=1623091036114;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 2E0E 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgJSZoJWG8QIVBfK7CB08fArSEAAYACDLwYpIQhMI-oryn5WG8QIVhLp3Ch1hoQKI;met=1;&timestamp=1623091036114;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIw-_SoJWG8QIVWeK7CB1L1gAIEAAYACCpnotF;met=1;&timestamp=1623091036787;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 4526 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw-_SoJWG8QIVWeK7CB1L1gAIEAAYACCpnotF;met=1;&timestamp=1623091036787;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 18:37:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sci-hub.shop
URL
https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go object| googletag function| gtag object| dataLayer number| ifpluso object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue object| pluso object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| k string| pt object| s object| adcm_config object| a object| m object| adcm object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

3 Cookies

Domain/Path Name / Value
.mksa.top/ Name: _gid
Value: GA1.2.1386305672.1623091025
.mksa.top/ Name: _gat_gtag_UA_193456449_1
Value: 1
.mksa.top/ Name: _ga
Value: GA1.2.212174344.1623091025

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/032105281634000/amp4ads-v0.mjs(Line 17)
Message:
Powered by AMP ⚡ HTML – Version 2105281634000 https://sci-hub.mksa.top/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

290a47e9b96c8703a0e9a9aa4ee50da1.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.fr
cdn-ssl-as.nxtck.com
cdn.ampproject.org
cm.g.doubleclick.net
counter.yadro.ru
dmg.digitaltarget.ru
dsum-sec.casalemedia.com
fnc.rt.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
groupelaposte.solution.weborama.fr
ib.adnxs.com
img.sci-hub.shop
kitbit.net
laboutique.commander1.com
lh4.googleusercontent.com
mmtro.com
nxtck.com
optinder.com
p1.ntvk1.ru
pagead2.googlesyndication.com
s0.2mdn.net
sci-hub.mksa.top
securepubads.g.doubleclick.net
share.pluso.ru
stats.g.doubleclick.net
tag.digitaltarget.ru
tpc.googlesyndication.com
ut9.rktch.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
img.sci-hub.shop
130.211.47.109
142.250.185.130
142.250.186.34
142.250.74.198
172.217.18.98
185.15.175.137
185.15.175.144
185.15.175.159
195.66.82.41
2.18.234.21
216.58.212.162
2606:4700:3033::6815:35c2
2606:4700:3033::ac43:a162
2606:4700:3035::ac43:c8d3
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9d
2a02:6ea0:c700::2
31.131.252.94
34.107.167.126
37.200.67.211
37.252.173.22
52.47.207.212
88.212.201.210
89.108.97.2
91.216.195.7
055ec9b24dc5180339a4158ce8757666a303e3ef0b9c12e87644fb7cebeb12f5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1362270a37e40f6f8fa39aac7697ef003592cb23eac2a6b68775105462a627b6
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
219410fa0b7c4cc462cd4096b8fe3945f1e416b2c79a46c27a65dc1a67fc341d
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
2995615474b2ef92946ae6000ca992f89c7ff861082cacb1aa2176e81b1514e2
2b0c03d8dfc173fbc64deb1d4485e59ff3343254d5680ed354c5ab9166fa9b01
2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30c1380e5be52b90accb5f5329b2f3c4adc335df500c43b63a48f204809b7f76
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3646d20ae553409abecd3b5359c529b3b21b16a27466ef145d88ceda8a7a3254
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
40275f8603fc3d13cb9001f13f57a9fc2680026d2cbdbd58cc3c6ba77ec8db9b
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
447e90fd9f2e15e0f6327bb7f1db05270648ce924a8c8e8d801fd5d8d47d38b3
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46a7c53d9c799f561bc6866a6a5a9a5bd52343b12cce788bfe28d812ea49e5b2
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e1a4876595d2a8b156e5f35a3437c69285336fe5c1415647152263dcecb097c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
58aee178ebea3287f137a29cce7c93b31bf15853d4e9c4b40b89780fafd3f48f
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
5a0da3f86d0505c67db1fb2287ce92548014d4ba7969eb76b7f716a5d5009e8f
5b3e2cf988f8740842a124c2812f5b9dd9d1c6aa7b2aaeb4247ce73e313a22d0
5eaf9bb5a7cff519a02c444a6a24eb8534d3c630b6bfd2dd608311cad7799940
5ee49cdca95dcbdf9105b0d523ba8d868e4180288130b245b164d91164c8e985
61024309a5732eda4017f81dc2f248c787e997c2b23a93afdaeaf03f49b7a5d1
6374c924a41cff3df9f1111311ca028ef9ac6911794ff75547811b7f2637a22b
64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
77dd7a6ab6c5b70535f944b314aefb2139419836cfcac9d57f765fc7c123b82c
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7946de430745c3c02e8186bbc5860343f4f5849cb52998b83552459a90c63856
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81e0d602126ecb5035db57aeb898c2fee841baecc9ed8d7c3f89ecc912fb3e01
835b8e7fce8c7030ab18fe28277589c21b062b5b6e6301939cb1e62b1af3f151
84430d6abc2891ae6d6d74e51804bb5edfb8406efad225ad57d89801a1cd7d2a
84b5229d1afc0962f11d27c8875317a0d92da419a5e6e2cf0ad02934e6f943ab
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
85de52f1793078186a21d24b666b1bc1af8adf6ebafa753865373938214c37e8
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8d5ec527dd900924fe70f46d875af0533fd13377acc2ac28f2d923932a3167dc
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1f97caefce9ba7026b2a47080d185d2c6c87124b3ded26b1a23f3944e8963d7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac39fd2de34b92759571eae7493ba485a9c437b55a9b17e4ae0c2af108658e30
acde19dd39fd4b3b76819f21d622af86dcdf0cb00967a337a01005e8316ccb1f
adcdf7270ea1f65288abadefce0bfe9b4004f4e8912a760fb3cb083961c81469
afcea64040738271b127e7b2338adaf40a6612e0320ec5e4d1e5353d92a3bfbc
b08b8fc2105b00e5478e0a7de5d92f062655334c69f173ce1f25543b9f942e96
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d0c1f2fdba47c0681424e4ddb23815d6671e1f5b14b7e2ee3d64e098c4184e
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdd4003804f6ce8052531178f70d642ad8fdc912033665ecc0b38163acd16b9a
bec5f2d4c04b745da44edaf721e56b231f9d08914a11b397d848c40f69d0c48f
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
cbb90c9eaf5d2c67cce901767f2bcea3cde40b3777b6b208d54ea7ea671948d2
cc2666cab0b3633b292f872b528529e4e96637d2a93e7dbc9b89e786a686c6af
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce1c180fcc5e1356b1bd093288f3074aabb3d5355801e6121023debddbedaf24
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa2c1817acc9845143087b8f08cfbf450334d63f8b69ea16ec5bf8222cc9ae8
d5bddaa73f3de6729f08fd0a1385bbcd109bd8fa6a877dab20d47f385dfca10e
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1a7295d9e648bc7779a1dac229a0e5de9c6edc7bdde8782cff839ca66576df9
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28
ffe7c3d559780b916266217b3683f10a7edbc655d5e11149a36e6f74af8fc68f