urlscan.io logo urlscan.io
SecurityTrails logo

sci-hub.hkvisa.net Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://scihub.scihubtw.tw/
Effective URL: https://sci-hub.hkvisa.net/
Submission: On October 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 6 countries across 23 domains to perform 113 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.hkvisa.net. The Cisco Umbrella rank of the primary domain is 436641.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 8th 2023. Valid for: a year.
This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
21 2606:4700:303... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 13 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
1 85.14.248.71 24961 (MYLOC-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 151.101.66.49 54113 (FASTLY)
6 142.250.186.66 15169 (GOOGLE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
1 3.121.158.177 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.157.5.133 198622 (ADFORM)
1 2 88.212.202.52 39134 (UNITEDNET)
113 20
1    2606:4700:3037::ac43:dba3 (United States)

ASN13335 (CLOUDFLARENET, US)
scihub.scihubtw.tw
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
sci-hub.hkvisa.net
21    2606:4700:3034::6815:9e6 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sci-hub.shop
15    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
6    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
28    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
1    85.14.248.71 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
at.bahn.de
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    3.121.158.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-158-177.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a05:d018:d29:3605:316a:16ef:4691:e00e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
Apex Domain
Subdomains		 Transfer
43 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
499 KB
21 sci-hub.shop
img.sci-hub.shop — Cisco Umbrella Rank: 408191
583 KB
19 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
141 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
106 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
601 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
177 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 10154
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
716 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
146 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
553 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
612 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
545 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
104 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
1 bahn.de
at.bahn.de — Cisco Umbrella Rank: 140295
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
91 KB
1 hkvisa.net
sci-hub.hkvisa.net — Cisco Umbrella Rank: 436641
7 KB
1 scihubtw.tw
scihub.scihubtw.tw
450 B
0 kitbit.net Failed
kitbit.net Failed
0 pluso.ru Failed
share.pluso.ru Failed
113 23
Domain Requested by
28 tpc.googlesyndication.com googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
sci-hub.hkvisa.net
pagead2.googlesyndication.com
21 img.sci-hub.shop sci-hub.hkvisa.net
15 pagead2.googlesyndication.com sci-hub.hkvisa.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
13 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
sci-hub.hkvisa.net
6 cm.g.doubleclick.net googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
4 www.googleadservices.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
2 counter.yadro.ru 1 redirects
2 c1.adform.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 at.bahn.de googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com sci-hub.hkvisa.net
1 sci-hub.hkvisa.net
1 scihub.scihubtw.tw 1 redirects
0 kitbit.net Failed img.sci-hub.shop
0 share.pluso.ru Failed img.sci-hub.shop
113 27

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
hkvisa.net
Cloudflare Inc ECC CA-3		 2023-02-08 -
2024-02-08		 a year crt.sh
sci-hub.shop
Cloudflare Inc ECC CA-3		 2023-04-23 -
2024-04-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
at.bahn.de
GeoTrust TLS RSA CA G1		 2022-12-14 -
2024-01-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh

This page contains 19 frames:

Primary Page: https://sci-hub.hkvisa.net/
Frame ID: E87E6B099B74F9C574F3F2C21D26B300
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: B5A665DCAED9194EF1A490322311D674
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Frame ID: E47B1F974491DF2E867AD76C0A879A5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1696548644&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844688&bpp=1&bdt=516&idt=168&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4YzhBuFsBQ&p=https%3A//sci-hub.hkvisa.net&dtd=171
Frame ID: B43E0C23D531F00440D423AC963A2A19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1696548644&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844700&bpp=3&bdt=528&idt=178&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185
Frame ID: CAD83780665FD39C98248E460F55F90A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Frame ID: 37C70FA3D1CFC14DB86D2B8BDAEC79F6
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=3576002031&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1149&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5VKbpL6l6T&p=https%3A//sci-hub.hkvisa.net&dtd=7
Frame ID: C821C9579E0C5902341244FDBD2A2484
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1878021256&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3jyfAySsWC&p=https%3A//sci-hub.hkvisa.net&dtd=11
Frame ID: 1C8817240BA1D8479A895211CD813308
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=3460618075&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=1&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=B6CybiTAMU&p=https%3A//sci-hub.hkvisa.net&dtd=14
Frame ID: 23545146A33177F22D2AE7B7FED1E1FC
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Frame ID: 1A7D9E9A37A4BEA83CC655B231FF622F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 66A8B0E1AC7DC2FAD72F4FE8B7767742
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=2827209793&pi=t.aa~a.2873812152~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845324&bpp=1&bdt=1152&idt=0&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C200x400&nras=7&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=gMWPAOBjHE&p=https%3A//sci-hub.hkvisa.net&dtd=212
Frame ID: CE6A379BE3E1B09EC6BFD420B4048903
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Frame ID: B267FC1B23EE311153E10DB423ED7F8D
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: FFA0E52CF76FD609F4EFEDDA516F28A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C765775342C376A3B048A94852529611
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: 20CDFB44838E85DF330CCBC9CF2352A8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: D92CF973EE439C597F0F9E56912CED75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73CDBD894F61DC395655C72F0298FB3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07776AC5703A4039F6546D7AABA6DBCE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sci-Hub

Page URL History Show full URLs

  1. https://scihub.scihubtw.tw/ HTTP 301
    https://sci-hub.hkvisa.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

113
Requests

88 %
HTTPS

64 %
IPv6

23
Domains

27
Subdomains

20
IPs

6
Countries

1607 kB
Transfer

3620 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://scihub.scihubtw.tw/ HTTP 301
    https://sci-hub.hkvisa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CA1ryRGMfZdvrNa2RjuwPvJeS-AGpgqSZc57jtezgEd_vr-a7IhABIPOq4XtglcKmgrAHoAHJ7ZL5AsgBCakCw_wrOVGysT6oAwHIA0iqBNQBT9AxIL_8ZX9h4I7xnu1BZa8ymKKjX9OQseDOrgweaCj8cXUJJeokbS5dXZipdNYRlU8Py2wRJoWMzK1JvSwcOgj2dMh4wBO92oUnQdKxayJYOK2_vLWYm6p4St3fnq9tPjKBaaJZdOXv-GuX4ovWEPxkE0JbaclzITZFErfAXK_5EE2owTjQ-F8R433AVmq5Px0kzVXWPGgtyhF0cnp7QEcEh7InHz_ZC5xQo3kHy8V2qfdsdLxsPooDN6QuNwPoiq3dALI-1oCdwnFF5i6VXIMpULrABNSa7ca9BIgFkK2E2EygBi6AB5-S7YYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyusn0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJsgJodHRwczovL3d3dy5iYWhuLmRlL3NlcnZpY2UvbW9iaWxlL2RiLW5hdmlnYXRvcj9kYmthbmFsXzAwMT1MMDFfUzAxX0QwMDFfS1NFMDAwMV9HMTU0NDhfMDkyM19GVl9BV0FSX0RCTlZfREItTmF2aWdhdG9yLTIwMjNfR0ROMV9QaGFzZTFfREJTX0xaMDEmZXh0UHJvdklkPTUmZXh0UHU9MTQwNTgtZ2F3JmV4dExpPTIwNTg1NzE1MzQ0JmV4dENyPTE1Mzk2MjEwNjE5Ni02NzYyMTU4Nzg3OTUmZXh0U2k9c2NpLWh1Yi5oa3Zpc2EubmV0JmV4dFRnPWN1c3RvbWFmZmluaXR5JTNBJTNBNzQyOTIxNDkwJmtleXdvcmQ9JmV4dEFQPSZleHRNVD2ACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNDc4ODA4MzIxOTIyNDI3OBgA&sigh=pfCJmHTfsgk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNzFclO9q1bjp5lheBcAmOqCeYiFaFAO4SsOZYNqA8fM4PzKmguWmBH3GzoDudP172lC0fHYUHzarMpazuE0-6hq8Y4mYTlxgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217377815090015246372%22,%22debug_reporting%22:true,%22destination%22:%22https://bahn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22790935241%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225537948653982651729%22}&andc=true
Request Chain 88
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENqbBtG4LqHXuzsdVaS5XAQ&google_cver=1&google_push=AXcoOmRaG__FtZahJwLqwhwPSGi4yUOOqQ-PQBO6gTVGW2hdBFXL5f3WlBURM8riC3GqgqdghPA-1c7IRPp03Sw9FtrIUH9c5r12zsw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENqbBtG4LqHXuzsdVaS5XAQ&google_push=AXcoOmRaG__FtZahJwLqwhwPSGi4yUOOqQ-PQBO6gTVGW2hdBFXL5f3WlBURM8riC3GqgqdghPA-1c7IRPp03Sw9FtrIUH9c5r12zsw
Request Chain 89
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECTbU1NNx8WXu4042gP9Zo0&google_cver=1&google_push=AXcoOmThgeMqmIvDYRMeuBuVODfMGab3YjCPU4UFfQHtkzXI03zRvZaL8RD-HvFX__A2vkw8g4q0YqKvX-ru9hbd7FmfsmqX308aSw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmThgeMqmIvDYRMeuBuVODfMGab3YjCPU4UFfQHtkzXI03zRvZaL8RD-HvFX__A2vkw8g4q0YqKvX-ru9hbd7FmfsmqX308aSw&google_hm=81z56YxDR8GJw-7_UzOTSWU
Request Chain 90
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIYyMuwK0eyIaOsNtV9D7Zc&google_cver=1&google_push=AXcoOmSyCI0Bbt-mZsdEkrOf288bQX7MNyuXryglENyD2bIm_hz3VlTwuv7EVkftHp2proetFIbScEyaOSQSdUKyuAcwsG76JD7izg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mYTmjIhFQR4pNeF1IwZXUQ&google_push=AXcoOmSyCI0Bbt-mZsdEkrOf288bQX7MNyuXryglENyD2bIm_hz3VlTwuv7EVkftHp2proetFIbScEyaOSQSdUKyuAcwsG76JD7izg
Request Chain 92
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELT5tZyBG4P5h6SfMb7Ac-c&google_cver=1&google_push=AXcoOmTS3EsAfp4AqLSB-NoaRCddYlE9avo5vCpXiEuFb7hUeIhvMXE2_oSf7K2lXtiw-BwHjWoCaxyFe483zJpFqWMaUCkqm7E4_JI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTS3EsAfp4AqLSB-NoaRCddYlE9avo5vCpXiEuFb7hUeIhvMXE2_oSf7K2lXtiw-BwHjWoCaxyFe483zJpFqWMaUCkqm7E4_JI&google_hm=eS1KRWhSMzg5RTJwSG5vVXR4NlUxQXlrLkxfY3QzdzBmRH5B
Request Chain 93
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCxgVKQsop_qt9GkOvqeHs&google_cver=1&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0PsGt4xIfNXPdyHzToG5ZRQT69cRGc HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMCxgVKQsop_qt9GkOvqeHs&google_cver=1&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0PsGt4xIfNXPdyHzToG5ZRQT69cRGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5Mzc1NTMxOTM0MzU2ODY0Nw&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0PsGt4xIfNXPdyHzToG5ZRQT69cRGc
Request Chain 96
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CSrgmRWMfZYP3Fqq778EPjuir2AH51ruuc4vIh5jqDGQQASDzquF7YJXCpoKwB6ABs6KmvALIAQmpAh8h1zilsLE-qAMByAPLBKoE3gFP0PucM7TgJm2pjD7CwdRHgBOG0LoYPPxwkn1hfHlRtj4b5hTSkX7xSSEqaPYHeTNr4In8yEHk7MwfSJ4J_8iBNW0Y2Rgik0wKU7T5UzpD1XN9D8b4rptANjW89E4fCE-pTBrEYurcVxBR2eYEy0gsTR2r-Uf1D0pclZnh033IoXUe0NVwkdh1TqnPH4ol3zWGC8mHENYUIHCxSWXYkGRu1KkmVrwGRcaPcqFF9qaY1I-FazirBO0FG6Iw37g12fYlZmZXypmtTP8Ieckug4S1y6hTJwMi8nadm5KsezbABPnApvSvA4gFmdmd7iuSBQQIBBgBkgUECAUYBKAGLoAHtd3ZwwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDUbNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSdodHRwczovL3JvdGFyeWV2YXBvcmF0b3Iuc3Rlcm9nbGFzcy5pdC-ACgHICwG4E-QD2BMNiBQC0BUBgBcBshccChoIABIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=HCDAtLoO7lU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaN1BNAfXckvosWo3nNcW1uiXqNOXsXR98-BKtMDrWYyUcVxEk0aa6JPXWdY3x4r0um9Hmo3QgWFxgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214679895062342266428%22,%22debug_reporting%22:true,%22destination%22:%22https://steroglass.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663327027%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211722815054158785121%22}&andc=true
Request Chain 99
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

113 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sci-hub.hkvisa.net/
Redirect Chain
  • https://scihub.scihubtw.tw/
  • https://sci-hub.hkvisa.net/
28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417f2055b0f89bb7d9816b136faf31dc737b5ead0de4386fa8ba1c5a49c73833

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=43200 no-cache
cf-cache-status
DYNAMIC
cf-ray
811a2407ee878fda-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 01:30:44 GMT
expires
Fri, 06 Oct 2023 13:30:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDjzAaecHsig1GrShmIMVrPmU53dGO2N%2BzvUrr4mAMRbev5CEzFWbUGqqMowcX9hBIcWQePO%2FIaQvWYppMaTKRv%2FJsBzitzQiOA9migiBqxh13k1hiHCPYgSSUkOrEVxwghyY8ipdCL4Adg%2Bfo%2FFlmM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-cache
MISS MISS

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
811a24037ddf2c63-FRA
content-type
text/html
date
Fri, 06 Oct 2023 01:30:43 GMT
location
https://sci-hub.hkvisa.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQb9T4hxM29Q%2FqqQNiwgP25lzzemWaxCQWscrBbN20AyUvDUj0wOaG4m7CIiJhB9Z3y3IiF%2FaWzUjnWHuRHk2FRlAl7PniIuPNTLH%2FTTcNihVcOTTgxpyHY5IUmQSlMbL8CVYSLFkHza3wxRAGp5Fr0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2501698
etag
W/"5c00bb7c-152b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYijL21b%2FKbDzTnoas9ti%2F%2BZIEtEyUiJuiqTGXowrgDn2t4mCnn9UcIYu3wrSxioMtwBMRWjJei2VO4uplL4sOxDRGuUB9rmN7qKuiHmpAHY%2B3JJNdcQJRDLiTYL9RH7LsB0DSXe2wig2HHVlxKG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
811a240aedb69b40-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:35:46 GMT
jquery-ui.min.js
img.sci-hub.shop/scihub/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Dec 2018 08:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2501698
etag
W/"5c13665c-3dee4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvtWa5bqY3TLoYZUj%2BgFoLFtEPuLea8M5KvFWHhWKZbpd08f1xTuUurlrmZc7poWrclrRzgTOtKNv51l9DS6CvrID3cIMdPKJx0Bto3bD29aWbt2FbaJLZFW7aILdxHpXYWdgkaLvXJJ0PAjs3qu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
811a240aedb79b40-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:35:46 GMT
openapi.js
img.sci-hub.shop/scihub/ 		94 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/openapi.js
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2501698
etag
W/"5c00bb8c-1798d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7qLEUxpmfCyIwqVxjyxJQ0QCkNPZeq9CHYlhgAfUJN6LfiM6x6o9uo1r54vQ4dIG4LIiTNCEhx%2FfeQTCiAlVP9fcXgXvn56NHjp2EmjSLPVp7beM7Kgm%2F0i4O6Rsx0GPcw57pP4chFXlbtxEo8p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
811a240aedb89b40-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:35:46 GMT
medal.png
img.sci-hub.shop/scihub/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/medal.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2500809
alt-svc
h3=":443"; ma=86400
content-length
22275
last-modified
Fri, 30 Nov 2018 06:13:38 GMT
server
cloudflare
etag
"5c00d512-5703"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeXbbggHyzqWIfESpy0nxvqKtZDrLsieV7Wd8DZVkuEVwH5zBJjynlDUIvYIDS%2FRIoqaKLhU5NFvR4qOSiqbw04q5A%2FViw09sCsGL98s62AM9jXmdMAVOPrHQ1LntMhkmIY1MLfzM864g7LhbudN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240b4df99b40-FRA
expires
Sat, 07 Oct 2023 02:50:35 GMT
key_1.png
img.sci-hub.shop/scihub/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/key_1.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2500809
alt-svc
h3=":443"; ma=86400
content-length
8428
last-modified
Fri, 30 Nov 2018 06:13:40 GMT
server
cloudflare
etag
"5c00d514-20ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7F1KGduu%2Bmlt%2BcA8MMHwmssX%2F2PDWtvbSL1mNB9heU4JE8jiapO37EPzP%2BWdbwqCQli767fhO%2Bh4mcW%2FlFdt%2FuoBPnJXLoLckUIW%2BmrwAK1dqjzpcSKNU0UIEqYQ74VpKB8CedyCa%2BaBVPR2z8G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240b8e2e9b40-FRA
expires
Sat, 07 Oct 2023 02:50:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c07cae79b66a273745fc83d5a63e2166b525c5f6d8c3879c990f153c230ba1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50896
x-xss-protection
0
server
cafe
etag
14762970570611535038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:30:44 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B3ZS4P497Y
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ac04f3d0211bbaee42e2f652aa64eba2b903f357338d0b738ff625b3e43cc1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92665
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 01:30:44 GMT
top-back.jpg
img.sci-hub.shop/scihub/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/top-back.jpg
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
188646
last-modified
Mon, 16 Sep 2019 12:17:02 GMT
server
cloudflare
etag
"5d7f7d3e-2e0e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBIfJEyHExPi9%2F6QtoOqnCNk8dshdzkgcIXoeE7igYml%2FJyhoRyW3iDWDiG8AmZU7fAd5PZ7yM19CfkNdf4vPctCGge6r4rkKJcZHMnA8c%2FmRdKom2RIUozq88BIJCnnBGn67jg%2BVkrPxgCJjy8D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babda194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
logo_en.png
img.sci-hub.shop/scihub/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/logo_en.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2498091
alt-svc
h3=":443"; ma=86400
content-length
14556
last-modified
Fri, 30 Nov 2018 05:56:38 GMT
server
cloudflare
etag
"5c00d116-38dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7JTHiwIEHqnFsI7%2BDjETSIcaE31kilB%2FNmx78qiVDymPTPVnI6koIEbTT4y%2BSWXlmVHwk7eVPbFP0zN5ESrZyPKueN%2FeDeGe%2BqexBlLgQRYJIQ2FsORvUs9Yx%2Ft0Z6xwRYPW%2FpqE6go9wwKE8q%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babde194d-FRA
expires
Sat, 07 Oct 2023 03:35:52 GMT
raven_1.png
img.sci-hub.shop/scihub/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/raven_1.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
60144
last-modified
Fri, 30 Nov 2018 05:56:32 GMT
server
cloudflare
etag
"5c00d110-eaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX83In6pOQH5pyoryy2OAp%2FU8k7mMjKosNTBnWydld%2FyzTb6VzKW8xWZNU%2BWrpARCIgNxZ2aE40Y6b3l%2Fe7xxx5ZiBoD%2Beg%2F3Fj8H4%2BhhNVAc9GxjmvU0UPZP5%2BKudL%2BAnq20RxfbCqk903lZ54R"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babdf194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
map.jpg
img.sci-hub.shop/scihub/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/map.jpg
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2502545
alt-svc
h3=":443"; ma=86400
content-length
55605
last-modified
Fri, 30 Nov 2018 05:56:52 GMT
server
cloudflare
etag
"5c00d124-d935"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKUJY2El%2FJQWxPWGDojta3xwq1NJXLUDGwP895K5d647gD7LnvPN8TqrCWMO8xVy%2Bf3JjnhKTyZ8MV%2FVIGD%2BqLoKuu3bMgBPurb4V93DeDwFqFmDJTnuXeIFw5lqw5Z17S%2FvNwZ5v6fGJfsHokyv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe0194d-FRA
expires
Sat, 07 Oct 2023 02:21:39 GMT
about-marker_en.png
img.sci-hub.shop/scihub/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
3361
last-modified
Fri, 30 Nov 2018 05:57:02 GMT
server
cloudflare
etag
"5c00d12e-d21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pXLn34xDwSvioFUCbUBs3xlyOgLBCgUSeWtbVe%2FbF4LCAMGZ0gzXp5V2FbbjZnx0dV6q%2BzJ2LTBLvjHiWc%2F7koINLcw21JzWeJuTSF%2FsQZIIqv4205jAv72fCVGB4QGtctB3jDJ5jtvf24DlpeJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe2194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
quote.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quote.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501294
alt-svc
h3=":443"; ma=86400
content-length
1068
last-modified
Fri, 30 Nov 2018 05:57:12 GMT
server
cloudflare
etag
"5c00d138-42c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnrmKHNNtNBeK6JoXykmTMW3hQEJiSwhfE4wv2ocZR87hvpZzvxxKsxhYLM6Q5OPkLl4XClP0sc7%2BHdHAoQaX2zBP55tMtHWKstq7tHa1ot1HKhWEHD%2B6T30kQy2rXS%2BdnU%2FdNrpqcj%2FccLScsGx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe3194d-FRA
expires
Sat, 07 Oct 2023 02:42:30 GMT
quotenext_en.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
1087
last-modified
Fri, 30 Nov 2018 05:57:18 GMT
server
cloudflare
etag
"5c00d13e-43f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjmXAe18Pw7RYEwblkc8K6%2BgVIX9yDMWkSwXZSizMUs3rp1f2hfhmBWaRxYMVSfQuG8muEdIS8a8tlKfSZVsSQG64EFU%2FGYRJiu9cNtbCVRj9Q4p72tl5AOwHTHbvBHY0YjxnnKJ4jckK5NKft%2Bo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe4194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
pone.png
img.sci-hub.shop/scihub/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pone.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
1637
last-modified
Fri, 30 Nov 2018 05:57:24 GMT
server
cloudflare
etag
"5c00d144-665"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbOx3ZKMZt%2BupTv%2BiV3IpEDnHuM2ifiNs7DoalkiU5cloEA9YPDEtHIZZ53Cdk4igaEQe%2B8SPx%2FAt6dmAExAxR3vqM%2BZ9YS%2B8IG6sc9IXODuCaeL9f2iAlRFPCgRvAz7HQkeQZHTDyV%2Bx3XpN796"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe5194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
ptwo.png
img.sci-hub.shop/scihub/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/ptwo.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2500797
alt-svc
h3=":443"; ma=86400
content-length
3907
last-modified
Fri, 30 Nov 2018 05:57:30 GMT
server
cloudflare
etag
"5c00d14a-f43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKi5CC%2F%2FDfe29pIr9EMhFQNID2%2FxK6Fue%2FimkE0GhJnUfFStlNZQgUJq2AMaVvQHgKp%2FPESVEF4YZTX1rvIqf%2Ftp0qJFnlIeCVInktPuYdp5zFRcaRHXczpV7lUkMczzBObiGGI3HKkxFS0YZw07"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe6194d-FRA
expires
Sat, 07 Oct 2023 02:50:47 GMT
pthree.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pthree.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
4278
last-modified
Fri, 30 Nov 2018 05:57:36 GMT
server
cloudflare
etag
"5c00d150-10b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txjm9kbQBkJfaBFbuoxHs8JtVvqh27vJu%2BJM%2BjupLslMZ7XFUHEQC0INNRq0Q5%2FP%2FajVq%2Bv6fkNRns9QN9HeEG8%2F71rejAYjwc4GvpBu1ccQIdMvbOGQnbMTH6tLpep4W%2FTejEZKUdlMQauB0kQf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe7194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
people.jpg
img.sci-hub.shop/scihub/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/people.jpg
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
51212
last-modified
Fri, 30 Nov 2018 05:57:56 GMT
server
cloudflare
etag
"5c00d164-c80c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icDnnwGXr7eRXF441nGVzOC8XTfmiwLcQVXrD%2FK02q883v3Wc3gelCaWhs1at9weDXbD%2FWSbI5X%2BNOsq1yw6mA3TcblRAO0QmaYORj%2Fj%2FjL8%2F856214y9%2Fyu2jClM1YQP%2BDGfM2WYtd6aSFmG1H5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babe9194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
join_en.png
img.sci-hub.shop/scihub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/join_en.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
6197
last-modified
Fri, 30 Nov 2018 05:58:24 GMT
server
cloudflare
etag
"5c00d180-1835"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndyYYhp9RAABjVkB8LAgPWIDULPh2hYLEM5IWWbFdt2n%2F%2BhGCPQiLSKjO%2FVth4jQrZmeHQYLFSbL9e0vCS3XcCAniKyb2cmTxar6HjSpg5USDguKQ1hAvg4w%2BFX3EXsQX0DwM%2B4rgOzCoXVHFWVC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babea194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
joinvk.png
img.sci-hub.shop/scihub/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinvk.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
17834
last-modified
Fri, 30 Nov 2018 05:58:30 GMT
server
cloudflare
etag
"5c00d186-45aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqAxoG%2Fvr84VW7kn4qnjGz12KDIndQaoNRKPtb%2F6zLBfE2Dno1CunWQ9xDVPvMI6gnfMKk0PkLxcsBS%2FrQaCxodS21NisoInUUB7qmG9aqQgfSw6t9CaZjFiavHzX0OwdA4xE543YsuOWAyRyX7s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babec194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
jointwitter.png
img.sci-hub.shop/scihub/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/jointwitter.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501423
alt-svc
h3=":443"; ma=86400
content-length
5751
last-modified
Fri, 30 Nov 2018 05:58:42 GMT
server
cloudflare
etag
"5c00d192-1677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gobK4%2FMQxz09C62UTNqoSfMKyXh60xM8x%2BqWt7G18fOG0emiieNP5nioRJ9yEODwoBXWqQh9mUIg1w3%2B8%2FDS3ksBqGq3xF3u2Q%2BKwaBO0y%2BOvXGXrykA8ZFnZcmsiKK1MDjtjREMZlgCGAc%2FY%2B9z"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babed194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
joinfacebook.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2501422
alt-svc
h3=":443"; ma=86400
content-length
4152
last-modified
Fri, 30 Nov 2018 05:58:36 GMT
server
cloudflare
etag
"5c00d18c-1038"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzM%2F7mF9TfwEJoW%2BZYxGvNP3Qc9zO0TSsiho8AkJ5mRM%2Fy0iVvKZJ63Ytfz%2FxDja%2FTELaTiF9O%2FrlkG%2B1L7Z3MSbwoKO2pGF2fIuLLq88GQAC7rVvePVJgVis1UgAUONEH2K%2BzLq2KuI0yL59QYC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
811a240babf0194d-FRA
expires
Sat, 07 Oct 2023 02:40:21 GMT
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 		0
0
pluso-like.js
img.sci-hub.shop/scihub/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/pluso-like.js
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2501293
etag
W/"5c00bef8-a5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eE5%2BUEaiif9EL%2Bm47P7%2Fuhl4nnJXV1Gs1NPV44G38U8uEzZW3WYZ92FbVNtTImJsQ7BdNM2WVZfEPwy%2FPqwFogvkWAYqrhBS6vEbJ5S1l%2BNfNbMCpe6iUnpB%2F3uPbZCjjr6t8Z8hi58Sisfu28fF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
811a240bec0b194d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:42:31 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebb233a10551eb82a9789e87c6d916fb4c470de004d4bf56f8db705f3109ada4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131791
x-xss-protection
0
server
cafe
etag
12734530787467674575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:30:44 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame B5A6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
41646
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 13:56:38 GMT
etag
2603938475786422795
expires
Thu, 19 Oct 2023 13:56:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B3ZS4P497Y&gtm=45je3a40&_p=1481294848&cid=408055097.1696555845&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696555844&sct=1&seg=0&dl=https%3A%2F%2Fsci-hub.hkvisa.net%2F&dt=Sci-Hub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3ZS4P497Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sci-hub.hkvisa.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8a9df6caaf0fab7481dc237f2e8e1b89db6355a3b704fae8e0f9d68aff9f378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E47B 		149 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97bd2ecee25d06cfb0e3477a2e0e12164fc5956b69ba9fea7acba2e969948909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45476
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:45 GMT
expires
Fri, 06 Oct 2023 01:30:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B43E 		716 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1696548644&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844688&bpp=1&bdt=516&idt=168&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4YzhBuFsBQ&p=https%3A//sci-hub.hkvisa.net&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcaa1ffcaabd75e6896e26a5f568dabd7bcee7ab42407184fdaa53e4ee656b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:45 GMT
expires
Fri, 06 Oct 2023 01:30:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CAD8 		151 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1696548644&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844700&bpp=3&bdt=528&idt=178&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ced8df5de37552ec6cd32954755f57b734fb76cb6cadf2c8c17b9628d8c374a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:45 GMT
expires
Fri, 06 Oct 2023 01:30:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a2b72214cc983024d368bae7231532353964b1f5577ed6735cbc65ed21dc2d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53740
x-xss-protection
0
server
cafe
etag
10158816926239346639
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:30:45 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 37C7 		115 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64080214df9df693f146e681664746c094b1f87956bc2850cf22b04b4a1ea64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40266
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:45 GMT
expires
Fri, 06 Oct 2023 01:30:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C821 		436 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=3576002031&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1149&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2271&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=5VKbpL6l6T&p=https%3A//sci-hub.hkvisa.net&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f1fb3fbb41b92aa1a0e39207ca563c270814be01cdd0a9b7654fb0f8532e72c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:45 GMT
expires
Fri, 06 Oct 2023 01:30:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1C88 		436 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1878021256&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2994&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3jyfAySsWC&p=https%3A//sci-hub.hkvisa.net&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d55d20c3b716ea276a13dbb5bbb0ae80bc713165a073d5fcf9729f724d6afc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:45 GMT
expires
Fri, 06 Oct 2023 01:30:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2354 		436 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=3460618075&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=1&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=B6CybiTAMU&p=https%3A//sci-hub.hkvisa.net&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f527c2497928b876e909c90171017c88f4a0cee6747c2ce40c682a28231063a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:45 GMT
expires
Fri, 06 Oct 2023 01:30:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 1A7D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 12:45:24 GMT
e68f8ec74926968a541734be8897a625.js
www.gstatic.com/mysidia/ Frame 1A7D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 03:18:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14678
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 03:18:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1A7D 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:37:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
42807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:37:18 GMT
ef1f6d24bef59513d7c49e9cf5bba5ca.js
www.gstatic.com/mysidia/ Frame 1A7D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef1f6d24bef59513d7c49e9cf5bba5ca.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 05:13:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9440
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 05:13:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 1A7D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
42874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1A7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1A7D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A7D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:30:45 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 1A7D 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:26:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame 66A8 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27823
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 17:47:02 GMT
etag
2603938475786422795
expires
Thu, 19 Oct 2023 17:47:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 66A8 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:37:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
42807
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:37:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 66A8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
42874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 66A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 66A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 66A8 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:30:45 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 66A8 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:26:24 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CE6A 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=2827209793&pi=t.aa~a.2873812152~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845324&bpp=1&bdt=1152&idt=0&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C200x400&nras=7&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4788&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=gMWPAOBjHE&p=https%3A//sci-hub.hkvisa.net&dtd=212
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86bea0a9e4e506370639639a4857739d4cbceb336e309217dc6eb72bf73b66a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/ Frame B267 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30d5cb1a833aa6e8d67bc20522561c39a2eb80dd3235e12e42db0945ff896355
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
114220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3550
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Oct 2023 17:47:05 GMT
expires
Thu, 03 Oct 2024 17:47:05 GMT
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame 1A7D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7403997fdeadc373982855d86b26e002fdf4ea6da6f76b9441ac66efbf92f1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B267 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:14:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
54947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 06 Oct 2023 10:14:58 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B267 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
43164
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 06 Oct 2023 13:31:21 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/txt1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76f44261375eab3b7a2a1cb6c098f3b8f1e93976bad4b5b97185b30aed973fa0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 04 Oct 2023 17:47:05 GMT
x-content-type-options
nosniff
age
114220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4117
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 17:47:05 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/txt2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79090d60ccb88bbdbedbbf4049686166a96e5de684eab6e62da67c6a587deba9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 04 Oct 2023 17:47:05 GMT
x-content-type-options
nosniff
age
114220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3538
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 17:47:05 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/txt3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78a4f751b49f02dbc4c33506f30ec34fc949ec159781803435e812cf22b82918
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 04 Oct 2023 17:47:05 GMT
x-content-type-options
nosniff
age
114220
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3354
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 17:47:05 GMT
cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/cta.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98cb6d944b2708f6ccbea5d2699bbbc6f7acb45109f16c248d421630305292c7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 04 Oct 2023 17:47:06 GMT
x-content-type-options
nosniff
age
114219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2708
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 17:47:06 GMT
appIcon.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/appIcon.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e5ee74efe46726bb6decca3e6810d2504da718d73f9744150178919d6d671fe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 04 Oct 2023 17:47:06 GMT
x-content-type-options
nosniff
age
114219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3655
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 17:47:06 GMT
appOverlay.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/appOverlay.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a290c9fe7fbdae50032ede5fe7230d9088c2eabb9caea8d956611513d2fc9af
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 05 Oct 2023 22:03:54 GMT
x-content-type-options
nosniff
age
12411
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5047
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 22:03:54 GMT
appLoading.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/appLoading.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcb96ca2aaac0fe71615829eb339b27555c8bf82522e02ec3daa0b17aacae182
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 04 Oct 2023 17:47:06 GMT
x-content-type-options
nosniff
age
114219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3632
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Oct 2024 17:47:06 GMT
updated.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/ Frame B267 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/img/updated.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15f9f1486aac335b447a718b98231f6f80666fa4aab41cf6f1d34d3ff1efd67e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8938843800792855311/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 05 Oct 2023 22:03:54 GMT
x-content-type-options
nosniff
age
12411
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1570
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 12:51:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 22:03:54 GMT
11283647773309444138
tpc.googlesyndication.com/daca_images/simgad/ Frame 66A8 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11283647773309444138?w=360&h=720
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
529fd973ced7bed5b7c9312c48dd16f07373ba1733e3bd2ff079d65e7f7e1665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:20:48 GMT
x-content-type-options
nosniff
age
43797
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24211
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 22:10:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Oct 2023 13:20:48 GMT
truncated
/ Frame 66A8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4e5a7fb3d2fad34bd46b3ec521d21302e06ea3b31ad15d3c4455b1b2357c59b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame FFA0 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:37:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 66A8 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIyUDRGMfZe2KOc-p78EPw7ql6AyQy8-Ac9GTwKbsEdrXtLinJhABIPOq4XtglcKmgrAHoAGQiKX_A8gBAagDAcgDywSqBPsBT9AhXRuWREAAqLNPzyKpeDVZQ7r-YaC9ive-cl_HMCRlRsMk5-fgiSEkkuEjVn0kDQk5gnjoNZGXn6kS-MLzuoH10KmnTRQX2iCpNY3FLRL8oDYVMQQ83MhkWGy3v7myVpiIHG6AsDKVd5o6o58yoUW-3LKQTfTCO-cyiAPulomFLSmCPqG6RlMKGgi3BXt7P1Jxf8B-mOKBl0Mi-45UPxvP5bwlejF34HYJVgN0aUZgrVZPrxkA1ipfdVbQvitMxO1ve-aoq9ZzTRg9M_jtS6DpTycsWu8L6evBTNnAvIj_9-1E2ScnkqX12fPfS0aBltAMTD9fplnSS0DABKGnkIKyBIgFxrzv90uSBQQIBBgBkgUECAUYBKAGAoAH2PdaqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmd8D0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=ZL3P1TgTMq4&uach_m=[UACH]&cid=CAQSTADICaaNb6UUNLZK_tYN9DN4xPK4z6f5y3rDj5gavNoKDjWGgikHbXpqD6gFaaNz4OHHX8PkRzHhR8I5Kb1aK3LQm_UFxP6-ifo00boYAQ&cbvp=2&vis=1
Requested by
Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 01:30:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 1A7D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CA1ryRGMfZdvrNa2RjuwPvJeS-AGpgqSZc57jtezgEd_vr-a7IhABIPOq4XtglcKmgrAHoAHJ7ZL5AsgBCakCw_wrOVGysT6oAwHIA0iqBNQBT9AxIL_8ZX9h4I7xnu1BZa8ymKKjX9OQseD...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217377815090015246372%22,%22debug_reporting%22:true,%22destination%22:%22https://bahn.de%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217377815090015246372%22,%22debug_reporting%22:true,%22destination%22:%22https://bahn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22790935241%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225537948653982651729%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:46 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"17377815090015246372","debug_reporting":true,"destination":"https://bahn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["790935241"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"5537948653982651729"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 06 Oct 2023 01:30:46 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 01:30:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17377815090015246372","debug_reporting":true,"destination":"https://bahn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["790935241"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"5537948653982651729"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
at.bahn.de/ Frame 1A7D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://at.bahn.de/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=20585715344&cb=1430992815&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.71 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 06 Oct 2023 01:30:45 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://at.bahn.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Fr, 06 Okt 2023 01:30:45 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1053
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame B267 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:37:15 GMT
css
fonts.googleapis.com/ Frame 37C7 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Oct 2023 01:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 23:50:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Oct 2023 01:30:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 37C7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
42874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 37C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 37C7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
42876
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 13:36:09 GMT
l
www.google.com/ads/measurement/ Frame 37C7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAvfP4AV1aX8ubUFDUilyjZJoJK4EYq4XgDHQ1jJAw0YewWBwacrmFKTaw-tiw_v3TTXh1dbau_KsOCCe7fCzMGxFdCw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37C7 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Oct 2023 01:30:45 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 37C7 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 15:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 15:26:24 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217377815090015246372%22,%22debug_reporting%22:true,%22destination%22:%22https://bahn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22790935241%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225537948653982651729%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 01:30:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C765 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Fri, 06 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/16379041741182269852/ Frame 37C7 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16379041741182269852/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12f6e2b0eb36e56ed2a2ce2197ae52f512b5f88ef3805a49386ab724d50610f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 21:09:01 GMT
x-content-type-options
nosniff
age
15705
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42492
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 22:25:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 21:09:01 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7709533157394350118/ Frame 37C7 		902 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7709533157394350118/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbd218bcfa5950989e22d2f0da5e3a5c484a0dafc9229812faea9af72deb2205
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 21:09:01 GMT
x-content-type-options
nosniff
age
15705
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
902
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 06:17:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 21:09:01 GMT
truncated
/ Frame 37C7 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
715b5d58258ec4efb8d5a61a8d6553f97fadaa4dd2f218a5b575b6a27379a54a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37C7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 17:26:14 GMT
x-content-type-options
nosniff
age
201872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 37C7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 16:12:51 GMT
x-content-type-options
nosniff
age
33475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 16:12:51 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame C765 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN7IEvZf7FB8qSSEne4qRfs&google_cver=1&google_push=AXcoOmQ9KUCIF7kaThLpfZJxqmYIqC_ZnsZKOVeM8uAkIDVHWotIumKpa0NPaw1eeuKz1-v4JVVfhe9_n7vfUfYn8_TXMGT1F1aOTEU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame C765
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENqbBtG4LqHXuzsdVaS5XAQ&google_push=AXcoOmRaG__FtZahJwLqwhwPSGi4yUOOqQ-PQBO6gTVGW2hdBFXL5f3WlB...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENqbBtG4LqHXuzsdVaS5XAQ&google_push=AXcoOmRaG__FtZahJwLqwhwPSGi4yUOOqQ-PQBO6gTVGW2hdBFXL5f3WlBURM8riC3GqgqdghPA-1c7IRPp03Sw9FtrIUH9c5r12zsw
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230075-FRA
pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1696555846.155496,VS0,VE100
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENqbBtG4LqHXuzsdVaS5XAQ&google_push=AXcoOmRaG__FtZahJwLqwhwPSGi4yUOOqQ-PQBO6gTVGW2hdBFXL5f3WlBURM8riC3GqgqdghPA-1c7IRPp03Sw9FtrIUH9c5r12zsw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame C765
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECTbU1NNx8WXu4042gP9Zo0&google_cver=1&google_push=AXcoOmThgeMqmIvDYRMeuBuVODfMGab3YjCPU4UFfQHtkzXI03zRvZaL8RD-HvFX__A2vkw8g4q0YqKvX-r...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmThgeMqmIvDYRMeuBuVODfMGab3YjCPU4UFfQHtkzXI03zRvZaL8RD-HvFX__A2vkw8g4q0YqKvX-ru9hbd7FmfsmqX308aSw&google_hm=81z56YxDR8GJw-7_Uz...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmThgeMqmIvDYRMeuBuVODfMGab3YjCPU4UFfQHtkzXI03zRvZaL8RD-HvFX__A2vkw8g4q0YqKvX-ru9hbd7FmfsmqX308aSw&google_hm=81z56YxDR8GJw-7_UzOTSWU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmThgeMqmIvDYRMeuBuVODfMGab3YjCPU4UFfQHtkzXI03zRvZaL8RD-HvFX__A2vkw8g4q0YqKvX-ru9hbd7FmfsmqX308aSw&google_hm=81z56YxDR8GJw-7_UzOTSWU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C765
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIYyMuwK0eyIaOsNtV9D7Zc&google_cver=1&google_push=AXcoOmSyCI0Bbt-mZsdEkrOf288bQX7MNyuXryglENyD2bIm_hz3VlTwuv7EVkftHp2proetFIbScEyaOSQSdUKy...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mYTmjIhFQR4pNeF1IwZXUQ&google_push=AXcoOmSyCI0Bbt-mZsdEkrOf288bQX7MNyuXryglENyD2bIm_hz3VlTwuv7EVkftHp2proetFIbScEyaOSQSdUKyuAcwsG76JD7izg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mYTmjIhFQR4pNeF1IwZXUQ&google_push=AXcoOmSyCI0Bbt-mZsdEkrOf288bQX7MNyuXryglENyD2bIm_hz3VlTwuv7EVkftHp2proetFIbScEyaOSQSdUKyuAcwsG76JD7izg
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Oct 2023 01:30:46 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mYTmjIhFQR4pNeF1IwZXUQ&google_push=AXcoOmSyCI0Bbt-mZsdEkrOf288bQX7MNyuXryglENyD2bIm_hz3VlTwuv7EVkftHp2proetFIbScEyaOSQSdUKyuAcwsG76JD7izg
x-host
tde-deliveryengine-production-8b9d7bc7f-rxtz6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame C765 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBZDPygdQms3xTxu7gjAKg4&google_cver=1&google_push=AXcoOmTwmKLL3sxhJqNGEPXnrVMY0iYhHFSwPeWJ7UiJRho2YxbZEZuVV4cFLGuA6clky6f-mtJx_OuOQm50lUN5XIFdgTLDwhrP9Yw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.158.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-158-177.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame C765
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELT5tZyBG4P5h6SfMb7Ac-c&google_cver=1&google_push=AXcoOmTS3EsAfp4AqLSB-NoaRCddYlE9avo5vCpXiEuFb7hUeIhvMXE2_oSf7K2lXtiw-BwHjWoCaxyFe483zJpFqWMaUCk...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTS3EsAfp4AqLSB-NoaRCddYlE9avo5vCpXiEuFb7hUeIhvMXE2_oSf7K2lXtiw-BwHjWoCaxyFe483zJpFqWMaUCkqm7E4_JI&google_hm=eS1KRWhSMzg5RTJwSG5...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTS3EsAfp4AqLSB-NoaRCddYlE9avo5vCpXiEuFb7hUeIhvMXE2_oSf7K2lXtiw-BwHjWoCaxyFe483zJpFqWMaUCkqm7E4_JI&google_hm=eS1KRWhSMzg5RTJwSG5vVXR4NlUxQXlrLkxfY3QzdzBmRH5B
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Oct 2023 01:30:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTS3EsAfp4AqLSB-NoaRCddYlE9avo5vCpXiEuFb7hUeIhvMXE2_oSf7K2lXtiw-BwHjWoCaxyFe483zJpFqWMaUCkqm7E4_JI&google_hm=eS1KRWhSMzg5RTJwSG5vVXR4NlUxQXlrLkxfY3QzdzBmRH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame C765
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMCxgVKQsop_qt9GkOvqeHs&google_cver=1&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0PsGt4x...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMCxgVKQsop_qt9GkOvqeHs&google_cver=1&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0P...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5Mzc1NTMxOTM0MzU2ODY0Nw&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0PsGt...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5Mzc1NTMxOTM0MzU2ODY0Nw&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0PsGt4xIfNXPdyHzToG5ZRQT69cRGc
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg5Mzc1NTMxOTM0MzU2ODY0Nw&google_push=AXcoOmQtm2NjYH4ct6N774jPtitI98FGRMe5MuFVGjc7xavNZqXi3kb4lgWpeiMc7nUqoFuhj0PsGt4xIfNXPdyHzToG5ZRQT69cRGc
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame C765 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvUFZrziWKugTNk4yvfFesQSdSLzS0XkKITvX1NgTXzfP9QsA-xOTPFzIvPVgvCQwy63FL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame 20CD 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1696548644&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555844685&bpp=3&bdt=513&idt=149&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&correlator=8577724940421&frm=20&pv=2&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Te5N1IwLpf&p=https%3A//sci-hub.hkvisa.net&dtd=163
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:37:15 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 37C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CSrgmRWMfZYP3Fqq778EPjuir2AH51ruuc4vIh5jqDGQQASDzquF7YJXCpoKwB6ABs6KmvALIAQmpAh8h1zilsLE-qAMByAPLBKoE3gFP0PucM7TgJm2pjD7CwdRHgBOG0LoYPPxwkn1hfHl...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214679895062342266428%22,%22debug_reporting%22:true,%22destination%22:%22https://steroglass.it%22,%22event_report_window%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214679895062342266428%22,%22debug_reporting%22:true,%22destination%22:%22https://steroglass.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663327027%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211722815054158785121%22}&andc=true
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:46 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"14679895062342266428","debug_reporting":true,"destination":"https://steroglass.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663327027"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"11722815054158785121"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 06 Oct 2023 01:30:46 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Oct 2023 01:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14679895062342266428","debug_reporting":true,"destination":"https://steroglass.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["663327027"],"4":["10-06"],"6":["true"]},"priority":"500","source_event_id":"11722815054158785121"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
process
share.pluso.ru/ 		0
0
process
share.pluso.ru/ 		0
0
hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 01:30:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Wed, 05 Oct 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Oct 2023 01:30:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Wed, 05 Oct 2022 21:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ea3ce42631b31af60c31ef24043a05f03311eb74ab74a0e65dee272ab126403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12172
x-xss-protection
0
06.png
share.pluso.ru/img/pluso-like/square/medium/ 		0
0
plus.png
share.pluso.ru/img/ 		0
0
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame D92C 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696548645&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696555845322&bpp=1&bdt=1150&idt=-M&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df1cb4340ffce1d27%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA&gpic=UID%3D00000c8f6fef1360%3AT%3D1696555844%3ART%3D1696555844%3AS%3DALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8577724940421&frm=20&pv=1&ga_vid=408055097.1696555845&ga_sid=1696555845&ga_hid=1481294848&ga_fc=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C44798934%2C31078297&oid=2&pvsid=3704421518991591&tmod=710545800&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mumvdcsRAR&p=https%3A//sci-hub.hkvisa.net&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 07:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 07:37:15 GMT
kb.js
kitbit.net/ 		0
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214679895062342266428%22,%22debug_reporting%22:true,%22destination%22:%22https://steroglass.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22663327027%22],%224%22:[%2210-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211722815054158785121%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 01:30:46 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 01:30:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73CD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
64421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 07:37:05 GMT
expires
Fri, 04 Oct 2024 07:37:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0777 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
646614e1758d8afe6a2c65e2a281930d7bdc914aa8b2ac2864bf37ce33f5e360
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ctOuBkyu4dUnHVkhqKfnCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ctOuBkyu4dUnHVkhqKfnCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 01:30:46 GMT
expires
Fri, 06 Oct 2023 01:30:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 73CD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
23593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 18:57:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0777 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=3704421518991591&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 73CD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?V8gXXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 01:30:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A7D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpAqHXXe_d7XtuJSkFhJaAuqbZymCMYwGn6fxoQjd-XNLk5fL-VHBN1myo8ncqd2wtgrB5loXfagz6f-Eu-rhxtGKJSobMF2B4ye0e3cl4p1ccN_i2fSiSGLOzLcDSIvzOJFyJu9ZwryrO9FjSLnyyVPueikUvNJh9G7uOYglwwChjv-TBf-HtqUascuh7-SkNdVUwY6G_3-JVJfaNe2dReTgKsp-AhHdCRf8_4dFms6BeKaORlXrmJk2Kj6yK_gulfn_IFe-Gmto8P7pzK5XlHEgDyDFP_qcNhFnP4zLEBN_d4NPySpvoSgeLqfYbBO7GbJmoJPmeqfAXaUpYDkV91UYK_v4odsh5gK6t-t56q-k21Sm0PPSFzZbFVwzBHgb0p0FGuU2EcjX1GFj1BCs0lqo0IotTQK5zzDGVsYFU-dhloeoT2qW5POiYzjAotuyGD0pBxdRDH--lWJF6_iilJGfJhHaYKVWeRRWGHVcdfCS-KETqz8oXD9bZ6RWQ-P6BD8kirOA27Y4xYT9w6lFUZceJ4Jq7tDDyJGVg0crODlXz3hn7LncdRp-1ZHG2KRAiqk4hLL0xLTSxLSSZIEy-sKd8nq0H7mB6g29KyWIQI-t4t7NAxiRANRvQxqxGOmVqXg0JlJAiL4mq_SEdbccJnMG_OrmNWXLCaAWiuL34YNVSj77nxAYYiGe-SN4Wt3emrNekQfJYGJDyv4irbAY8XC86BjnIyO3Q8BmFwgW6wCgZQ4TFj1WRBs1TkIeL21ckAOpTUEaQG6rv_SQ9oWwFqGcY22zS2TwOIR31zfxnSBaNPc2LfF3GlnHDqkXRwR1BdcSGZG4LyCr-fsa2WCNmiEyGZU_KNAsG3M4wUrJmSaRdeSc6iAI4BA2UfNcBPMKHXQAHyiGJSqe2ZE4dfLbY-_mEiwuNrywl7EB-bAW1lpYmN8ELxmAhLBY36rdoGeE_ELBeeqAVnDma5Ta-9WxIWGPDVCOeSJmNi1YOepv3S07EtTLH4wGxaLGnJ1YP0Sdy2WKU2QaGZFF-8wUlqE9lgYhPJ8rpe-tHl4l5cV2jljbYnUMVHUg5iehQanTPws_UOg1w2fZMO8qHv6uu338HGyRi6u3yfOfDasAJ6r5v2hTNwn6O0nrRXodGEspTfFohmprHXNjpa7L9H9Wbwwhxe7oMp5uuwYPx_G6m1kKlSdKiaAY7s5DWmy1fGABfLzNrfOPSRoxH0Sfre6-Ag5TRjsxgerzTOoOBn-5H48o46L3026p_JMJ5H_GeOGYogc3-3aL4fsEvHrReXfNosykQ3haWuBUIjGiKcXTq92DzLZLQKqffO0S8C4zi1bF0iNtVHHHsKbc-SgIk9Q4em6EfL1yIa48RRB5K4dVqq9_fhFHpaTc3yx1gj_CPdB2uCAzzXNeTJ-WlBpeDXIZN4YEZVwdsnjH5mV-k9ESTcQJ6iLn54kdJt_w8E70RPZNoLEIIDJGFJ7UnPENNKSGCCPWrCDM9zaCmed7wEHabuWxRMySw60u8gWsB-fQYFhVH61RuD3zUImPoAkyfOkXCgMOfzA&sai=AMfl-YTvAYN3gEjXnV9uZESWwDMO6fRSk_jIvPycesY-mQJxtsdqHcL_hZBCKT-HgMTC0W3T-YeYn7-efl7tzl4B_ZBSofP6Omk-c8LH4YdR2F1cipG3gV0_0LevUCpm72wqPWD5IXg58iDNEdcyrqvy9d1b6ZTzuk-aOw&sig=Cg0ArKJSzMZccYuNQhmXEAE&cid=CAQSSwDICaaNzFclO9q1bjp5lheBcAmOqCeYiFaFAO4SsOZYNqA8fM4PzKmguWmBH3GzoDudP172lC0fHYUHzarMpazuE0-6hq8Y4mYTlxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1980608376&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696555845352&rpt=314&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 66A8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBUePiKE_KaxaGMgM30fo-hKaOH65DbYknGzcXx3jTnNgRBmn1B1Ka885qQBXZ3oHGYIYFqbJ44dR1dr7Q9RFP3qWODO2WGShAtLGfD4tH2237t99i0pHzP9ddR1lGXTGSeEhvRLm23lHe&sai=AMfl-YTk8iSmsleO5pLijQIA_KJ-O8rKCOxbZFDpw53A4dZDLAnvu4DobYKMQNuap2h-At9j7V5QthGYjeZQWh3d6a0PRL7CbUCNuxYeJBb7OqBf05S0johxBVtTIZE_Kg1Yj71a6ygUbMnGQ7tiMA&sig=Cg0ArKJSzIqZiam4GMB5EAE&cid=CAQSTADICaaNb6UUNLZK_tYN9DN4xPK4z6f5y3rDj5gavNoKDjWGgikHbXpqD6gFaaNz4OHHX8PkRzHhR8I5Kb1aK3LQm_UFxP6-ifo00boYAQ&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696555845406&rpt=298&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 01:30:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=3704421518991591&bg=!PzylPHPNAAbjlzx0w5c7ADQBe5WfOP4DLaxpZCuT25TMMA03b0Iv6n_Z6J0uhAWsvkqPbZ47mGr4FXFZAX4Rco5QkDtrAgAAAD9SAAAACWgBBwoASMpnKXZsdwS2YJ-nwB760ksNYBw_bRzxHhqYgPqoxd8pRIOphxOZI7LkKz2i0H7xxNVpPbYE7iDe0cqtYCEYaUp9Ce3phVoXPJkCw3ByqyYCnbOLD2YRKMRq2sStUFOiHU1hr7CcDG1qhhpNYd0oBeFBQuXvKIxClt6fwcN1ZczzEYgrkSdbhB6Ckg0Su1AJJaavvkS0Pfv-SpvdnA1xPj3c-tjU76FQZR1RgdH6PcezfGiZ4sWZxYgcHCpjP8edXzxAvAM8yxrLO0dPKKSWzNTpEet9zxyVRSODERXrhbfGFIfy8uYtHSOZ_Cd0YNozUkkGPeTqBewhhM_hBVqZfzMacNak4Ve8NixjRviqafCSuS16JYM0E0DSObHCCo8NIUNvNOKiha4xxQjoEUdo8nE-i1WCaH8j3CK_fZ7unXelO_-YbO0TABxCQ0YzaV9mdcPvGP2b-SXoDA2NBLJ7P9kCpLwl1wLFk6728urvKJzo9Ip4FbiZFGAjBWcsdsM84886yS-W3r8F547VjJu3yy7knlwBO6SciPW8flTrHo4xWsy9_ryVMD4IR6ziZv48abRsz6BjpL07YiCYzdk1GibmH1eILIdHQjHKiOQzvPhXORxoyPeMSGmORowU3GDvkZMIe8kY3QNbmOzIL-oylM6TAcesKGdmchSQIQVHzmU12QQqyggp8ksjlwj6bb_T6psmlflu49H4F1P-FLwmLF2ft1cdamKtWpZNCuhSuuwjPuAHs0HFSwl2Zc85NzZKe6K_pnF_SthWKB5ybZX_8JjkiXllc-mIJB8cO7x4JiG8zPuRnvJDzt33muvKENDHddDxyxCFqXzDG90r8Cbah5OTGO1wKXNpodRhHBFEOHeVsABrGTfdQgtIxL65DMT7k6rHPDCIGRJ-fxXgepqBeKYaULXGu9g3gw-gSVgagyFyQmT8VCM5UUEYajxm-8DTJnCB6Sn2bilAIaO6W6NdGcNM1QmiNiGlFd8RFHJgXbr-B_PcpE65abscP7KxvUb97FBamPUBw__bCZAv-b1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.hkvisa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sci-hub.shop
URL
https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=AWh6m2ezgdGRyuXp&first=1
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=hGx9IDzundefinedcSJvaSundefinedz
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/pluso-like/square/medium/06.png
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/plus.png
Domain
kitbit.net
URL
https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go string| allurl object| adsbygoogle function| gtag object| dataLayer number| ifpluso object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter object| google_tag_manager string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| pluso function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| google_llp object| googletag object| k string| pt object| s object| GoogleGcLKhOms

18 Cookies

Domain/Path Name / Value
.hkvisa.net/ Name: _ga_B3ZS4P497Y
Value: GS1.1.1696555844.1.0.1696555844.0.0.0
.hkvisa.net/ Name: _ga
Value: GA1.1.408055097.1696555845
.hkvisa.net/ Name: __gads
Value: ID=f1cb4340ffce1d27:T=1696555844:RT=1696555844:S=ALNI_MZ4gDH23LncxxOgfFDZTuvAZ_ZLDA
.hkvisa.net/ Name: __gpi
Value: UID=00000c8f6fef1360:T=1696555844:RT=1696555844:S=ALNI_MYiN3DN0aRd7G9rdEgVbRJww1B5fA
.doubleclick.net/ Name: IDE
Value: AHWqTUkqB8bUwH9hXJbuqi4leXHJILukwHDA3vtu6J3SFPKOIsf4kGcF5TfG-yx37sU
at.bahn.de/ Name: exactag_new_gk
Value: 073015c6724f47ab9e12e776251bd2d2%7C05.12.2023%2001%3A30%3A35
at.bahn.de/ Name: exactag_new_uk
Value: 5d9e81ad59ea4985adf63735fed42703%7c
at.bahn.de/ Name: session_session
Value: 362c15c91c334c6aad88434f
.adform.net/ Name: C
Value: 1
.ctnsnet.com/ Name: gid_CAESECTbU1NNx8WXu4042gP9Zo0
Value: 1
.ctnsnet.com/ Name: cid_f35cf9e98c4347c189c3eeff53339349
Value: 1
.adform.net/ Name: uid
Value: 2893755319343568647
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%229984E68C-8845-411E-2935-E17523065751%22%7D
.googleadservices.com/ Name: ar_debug
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBEZjH2UCEDBcGmmVj-ZkpZWCBbWIMQsFEgEBAQG0IGUpZQAAAAAA_eMAAA&S=AQAAAh8aS4qlgpDDBHJFNleR7eU
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZR9jRgAVsyUQNwAb
.yadro.ru/ Name: FTID
Value: 1b7sD62JPGue1b7sD60036zP
.yadro.ru/ Name: VID
Value: 3gaXdr3puDOe1b7sD60036zk

2 Console Messages

Source Level URL
Text
javascript error URL: https://sci-hub.hkvisa.net/
Message:
Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.hkvisa.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
at.bahn.de
c1.adform.net
cm.g.doubleclick.net
counter.yadro.ru
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
img.sci-hub.shop
kitbit.net
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
sci-hub.hkvisa.net
scihub.scihubtw.tw
share.pluso.ru
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
img.sci-hub.shop
kitbit.net
share.pluso.ru
142.250.186.130
142.250.186.66
151.101.66.49
2001:4860:4802:32::36
2606:4700:3034::6815:9e6
2606:4700:3037::ac43:dba3
2a00:1450:4001:802::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a02:fa8:8806:20::2010
2a05:d018:d29:3605:316a:16ef:4691:e00e
2a06:98c1:3120::3
3.121.158.177
35.186.193.173
35.190.0.66
37.157.5.133
85.14.248.71
88.212.202.52
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0a290c9fe7fbdae50032ede5fe7230d9088c2eabb9caea8d956611513d2fc9af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ced8df5de37552ec6cd32954755f57b734fb76cb6cadf2c8c17b9628d8c374a
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
12f6e2b0eb36e56ed2a2ce2197ae52f512b5f88ef3805a49386ab724d50610f8
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
15f9f1486aac335b447a718b98231f6f80666fa4aab41cf6f1d34d3ff1efd67e
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30d5cb1a833aa6e8d67bc20522561c39a2eb80dd3235e12e42db0945ff896355
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac04f3d0211bbaee42e2f652aa64eba2b903f357338d0b738ff625b3e43cc1f
417f2055b0f89bb7d9816b136faf31dc737b5ead0de4386fa8ba1c5a49c73833
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4e5ee74efe46726bb6decca3e6810d2504da718d73f9744150178919d6d671fe
4ea3ce42631b31af60c31ef24043a05f03311eb74ab74a0e65dee272ab126403
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
529fd973ced7bed5b7c9312c48dd16f07373ba1733e3bd2ff079d65e7f7e1665
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
64080214df9df693f146e681664746c094b1f87956bc2850cf22b04b4a1ea64c
646614e1758d8afe6a2c65e2a281930d7bdc914aa8b2ac2864bf37ce33f5e360
6a2b72214cc983024d368bae7231532353964b1f5577ed6735cbc65ed21dc2d5
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
6d55d20c3b716ea276a13dbb5bbb0ae80bc713165a073d5fcf9729f724d6afc9
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
715b5d58258ec4efb8d5a61a8d6553f97fadaa4dd2f218a5b575b6a27379a54a
7403997fdeadc373982855d86b26e002fdf4ea6da6f76b9441ac66efbf92f1c6
76f44261375eab3b7a2a1cb6c098f3b8f1e93976bad4b5b97185b30aed973fa0
78a4f751b49f02dbc4c33506f30ec34fc949ec159781803435e812cf22b82918
79090d60ccb88bbdbedbbf4049686166a96e5de684eab6e62da67c6a587deba9
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
97bd2ecee25d06cfb0e3477a2e0e12164fc5956b69ba9fea7acba2e969948909
98cb6d944b2708f6ccbea5d2699bbbc6f7acb45109f16c248d421630305292c7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f1fb3fbb41b92aa1a0e39207ca563c270814be01cdd0a9b7654fb0f8532e72c
a8a9df6caaf0fab7481dc237f2e8e1b89db6355a3b704fae8e0f9d68aff9f378
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
bcaa1ffcaabd75e6896e26a5f568dabd7bcee7ab42407184fdaa53e4ee656b65
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c07cae79b66a273745fc83d5a63e2166b525c5f6d8c3879c990f153c230ba1e9
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
d4e5a7fb3d2fad34bd46b3ec521d21302e06ea3b31ad15d3c4455b1b2357c59b
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
dbd218bcfa5950989e22d2f0da5e3a5c484a0dafc9229812faea9af72deb2205
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb233a10551eb82a9789e87c6d916fb4c470de004d4bf56f8db705f3109ada4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f527c2497928b876e909c90171017c88f4a0cee6747c2ce40c682a28231063a4
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f86bea0a9e4e506370639639a4857739d4cbceb336e309217dc6eb72bf73b66a
fcb96ca2aaac0fe71615829eb339b27555c8bf82522e02ec3daa0b17aacae182
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28