sci-hub.mksa.top Open in urlscan Pro
104.21.73.88 Malicious Activity! Public Scan

Software

cafe /

Resource Hash

54a03bdf224341083516be6dcdd6b69dc45ce9902609887227f82f2acfd23dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
Origin: https://sci-hub.mksa.top
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50630
x-xss-protection: 0
server: cafe
etag: 15037473802763016079
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 09:53:27 GMT

GET
H3 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 26ms
25ms Image
image/jpeg 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1229932
alt-svc: h3=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BlIlq1E7kwz%2BKOyO8w3eoi3lw6c6ZRmTX63CmNtbP6xBZCCI00cfVAfvF8%2BHdNZIb6U1pNzbNnNdtdaVdl9MljsVpRyS%2B%2FYLxXTm1YuV87nQt3f%2BZGn4LTsa2edbAObEH%2BS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73ec9436a4-YYZ
expires: Fri, 06 Oct 2023 04:14:35 GMT

GET
H3 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 81ms
81ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2615360
alt-svc: h3=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=418y99RjVcW1yjLjMR5yXsMf%2BQjzN90qOasc8djE2hwTZ7e0Zjyz657TJeIhjOyntkxtN9Upoe86t5avNAeHf5NGeVMXkKZqHwXbUykrlNU83bRBC1qTf2UFyIJH%2FJa8RkLd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fc9736a4-YYZ
expires: Wed, 20 Sep 2023 03:24:07 GMT

GET
H3 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 83ms
81ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sci-hub.shop/scihub/raven_1.png

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1074487
alt-svc: h3=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nm4aTGGGsy6EbkKR1YlhWUL1JF5ach1t%2Bwp0Ae%2BlfMXcZhEOs1fnP2Ka68q8OgSJCuf1qzhhdR%2B8k8d3DoJALCFtq3n2qrHa5RKUg%2BxSTwMYmjk%2Fepu%2FmBkhP3xozcvy4g7N"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fc9b36a4-YYZ
expires: Sat, 07 Oct 2023 23:25:20 GMT

GET
H3 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 84ms
82ms Image
image/jpeg 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sci-hub.shop/scihub/map.jpg

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153750
alt-svc: h3=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUupkbPH6uo0HJfsfAoZUfaZWPHo1HWUCDhkzN1j8bd3eru5YW7WgSkofeJh7O6ED5TYn9UoDQNl1WvGFhHKyXvJ3oFmevjsjYx240DNHLV30BiGXxV8oLqsU9qnGIcXC%2BLG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fc9c36a4-YYZ
expires: Wed, 18 Oct 2023 15:10:57 GMT

GET
H3 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 85ms
83ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177571
alt-svc: h3=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZYItS0ANcUMupcQ1B%2FAALTulAxcQ7B2TIwSgODFQhUrfjvHR4o7nTuNVG8pWWDhgx0XMuPf31%2BDC2yGgWHsHQeVsdViPuhOg0MR1kaqd9WnH8uoPxt%2ByglnAuny57Ninj13"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fc9d36a4-YYZ
expires: Wed, 18 Oct 2023 08:33:56 GMT

GET
H3 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 86ms
83ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 705042
alt-svc: h3=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTvsHfejgoWuszhUMIRTtpc%2BXSpvmtKzhYMAkMazxrM%2BwFHuO2NIy6RzqeBF%2FIzDrWIqjyX2zvem0pMAVJkWmv8PCyvPrPCzMaZrztd%2BN5Pq97jXEZdOS2BYq%2B3mwxFehR5s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fc9f36a4-YYZ
expires: Thu, 12 Oct 2023 06:02:45 GMT

GET
H3 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 86ms
84ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 190001
alt-svc: h3=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itdC%2Feqvw9fIe3szVK6%2B6psRgDa%2Ffuirgh0S4fG4ZW1jH2lZKTw1BwOfH0zk1ThoHWLHRsozpn8cguxxUhRS99LsDaLsfIB3VInaqlbIaJv4iUZCr3woVKtH7XRMjSeJOch9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fca136a4-YYZ
expires: Wed, 18 Oct 2023 05:06:46 GMT

GET
H3 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 87ms
84ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177571
alt-svc: h3=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5LS4tiNYuUR13PR3KVHJkpPlBNTNuJOP9f0sWDsRgkAQ%2FUVoq0lDJaYQFW0bgmCD39SzjqZuKEH1%2FwfP3zKsZtH%2ByWJ7JfQ%2BErj7jZoMrIRzCQeamIZ5lLZfps%2BIp9D5a89"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fca236a4-YYZ
expires: Wed, 18 Oct 2023 08:33:56 GMT

GET
H3 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 97ms
95ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184235
alt-svc: h3=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1ZkfjOO5w7h0a2ooXjR7RSpCHfItzga%2BDMFvmyOZvhRpaEt4IR4D3VeOtGhHSSh4GasZ3Ulaf1oOdYxV0T6MNhE%2Fo1vPS0IhfHsi1JX5rv9eKgAYmJNdYwC1xnJu4z7n6GS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fca436a4-YYZ
expires: Wed, 18 Oct 2023 06:42:52 GMT

GET
H3 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 98ms
95ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1229932
alt-svc: h3=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQVr1MWf5PieT4bVuRXLHkfuChdFHsdHhaBOU2AuSwf6XC7hD2yCfqcolOreE%2FrI98aCixZd9UhbEWZWj7PaVLl9d7uNrKQvncsk%2FoTBVD423XscwWtrUilFNzTMItXM7Bjb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fca536a4-YYZ
expires: Fri, 06 Oct 2023 04:14:35 GMT

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
50 KB 98ms
95ms Image
image/jpeg 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539678
alt-svc: h3=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ftf1tncpEvuBZXeFHsclh%2B9CB7t3wc%2B3LGjU3LnLeK%2B2BEvfOgWNcTXEedcWDrMCObrbMbf4Iy%2B7WOquEHgvv7dkRpjNHi5Kd84DXUw33iohT0sZkErK8x9VQqO7onXgqqd3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fca636a4-YYZ
expires: Sat, 14 Oct 2023 03:58:48 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 99ms
96ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 190000
alt-svc: h3=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpkSAsyIfGvwuiFFhhlM62%2B7CvJKqRFpwDWxjGLDFUKWN3rXKvZ%2FU4oKAQfFv6NknlYuV6BGNDcEC%2F89KwdwuC%2B%2Bda495jczrfGKKJVGg6Y7xNHpkuRWLRuRk7jS8Crdx4z0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fca836a4-YYZ
expires: Wed, 18 Oct 2023 05:06:46 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 99ms
97ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sci-hub.shop/scihub/joinvk.png

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261897
alt-svc: h3=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2B69m9ntL5xybm4myh9M8OvR2VnoxT6Pw4aFPTraXRKQXxvj%2Fz%2BHueVniieK8bHLhC2k7MWIknzc3LD7pLAua1mPkSLiCCTuG5pMee2Btm6V7MJTjRLN3jd1G04T7TOXCq2P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fca936a4-YYZ
expires: Tue, 17 Oct 2023 09:08:30 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 101ms
98ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1229932
alt-svc: h3=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ta8dCNR5DlNHQMKmp4lNLGhrI5H9f4ovZxDH6Uxw%2B5CzrsCzjH8uBrVF06haZ%2FsjvwQGFeZlcAYGqNBmO5CevG3PXZNkky0UHj3cP9Ne4LLqIBDzksbCz1uI7lYZD9P7CR7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fcaa36a4-YYZ
expires: Fri, 06 Oct 2023 04:14:35 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 101ms
99ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177571
alt-svc: h3=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FiZ1HvHr6%2B8tUz3UiPnw25UOeWRdqYvjRIP5o2VoU9RK4KGvXZz3%2Flh%2BeIGjihLoZaM5eTckUCsxiWeNe8IhsB1BXHLCFzil4IJ4lhNCliaK7Q0yDlLQ%2FJfED%2FEQr8%2FIOB5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80992e73fcac36a4-YYZ
expires: Wed, 18 Oct 2023 08:33:56 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 71ms
71ms Script
application/javascript 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1229932
etag: W/"5c00bef8-a5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUs5V9XpNJn5%2Bf0Vc9%2FJfGqszK6VWUhiDuAegoGGCLp0jO5QM%2Bw6rfanPWFgZYdgGtc%2FWvhS7mabhGrNf5msMFT0gmTsL6Glvcl74T1mmhYGqbirotyhJl2gcJ%2B9Ni1XICbC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 80992e742cc536a4-YYZ
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Sep 2023 16:14:35 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
128 KB 149ms
77ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

354443f579a43a58817521a003b80476acaaac9068f04b24d56bc820f8d13896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131529
x-xss-protection: 0
server: cafe
etag: 5475705312197025526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 09:53:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame 562A 10 KB
5 KB 348ms
36ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 75079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 13:02:09 GMT
etag: 8554266389219770021
expires: Tue, 03 Oct 2023 13:02:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
600 B 119ms
46ms Script
text/javascript 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.mksa.top&callback=_gfp_s_&client=ca-pub-5200551945029930

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d06111777e420dcfed97c999e7610797db45e1780b70548e8d10bac1fc6f953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC2B 0
188 B 170ms
97ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&adk=1812271804&adf=3025194257&lmt=1695228808&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695203607837&bpp=3&bdt=307&idt=237&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=854821629206&frm=20&pv=2&ga_vid=1233008581.1695203608&ga_sid=1695203608&ga_hid=327869108&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077970%2C44792012&oid=2&pvsid=2794181503395630&tmod=195557708&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=259

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 09:53:28 GMT
expires: Wed, 20 Sep 2023 09:53:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
50ms Image
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28A3 25 KB
10 KB 370ms
309ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1695228808&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695203607840&bpp=2&bdt=310&idt=264&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=854821629206&frm=20&pv=1&ga_vid=1233008581.1695203608&ga_sid=1695203608&ga_hid=327869108&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077970%2C44792012&oid=2&pvsid=2794181503395630&tmod=195557708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GQzZGhyDCx&p=https%3A//sci-hub.mksa.top&dtd=269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

667be30eb8da81e9724e6a559638acad981b6136fffe9bc0cd96ae144e7cbeef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 09:53:28 GMT
expires: Wed, 20 Sep 2023 09:53:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5B08 624 B
509 B 52ms
49ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmfwKQCEKvXj6cCGIWYqvYBMAE&v=APEucNX7qyJm5EWZISO8zvurJ7VCJOrAQkheCP0yL6zet3qC73N_twWFldR-Llb2yHUK14J2EIosRRgkyigEAu0RIadMD2fi7w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1695228808&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695203607840&bpp=2&bdt=310&idt=264&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=854821629206&frm=20&pv=1&ga_vid=1233008581.1695203608&ga_sid=1695203608&ga_hid=327869108&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077970%2C44792012&oid=2&pvsid=2794181503395630&tmod=195557708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GQzZGhyDCx&p=https%3A//sci-hub.mksa.top&dtd=269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1695228808&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695203607840&bpp=2&bdt=310&idt=264&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=854821629206&frm=20&pv=1&ga_vid=1233008581.1695203608&ga_sid=1695203608&ga_hid=327869108&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077970%2C44792012&oid=2&pvsid=2794181503395630&tmod=195557708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GQzZGhyDCx&p=https%3A//sci-hub.mksa.top&dtd=269
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 09:53:28 GMT
expires: Wed, 20 Sep 2023 09:53:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2932 89 KB
31 KB 54ms
53ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 20 Sep 2023 09:53:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2932 3 KB
1 KB 115ms
38ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 03:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23070
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 03:28:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2932 20 KB
8 KB 112ms
35ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 02:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 02:16:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2932 182 KB
57 KB 1143ms
37ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 09:53:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2932 42 B
63 B 56ms
54ms Image
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8VK1x6V0SXGic4mHgWcXxLRUGWYptQQ3SBhu1UvB44A4rKt2xvf-nhfQTUDDS4I9kLN1EivoIzbm0HnQbiL1b5-D4oefFCj6fN2Npifpj-QLHc8k

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2932 0
20 B 57ms
55ms Image
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12831931333067820442&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5B08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMryvQOccdiIOk2xhqLdgBQ&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMryvQOccdiIOk2xhqLdgBQ&google_cver=1&C=1

43 B
339 B

49ms
49ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMryvQOccdiIOk2xhqLdgBQ&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmfwKQCEKvXj6cCGIWYqvYBMAE&v=APEucNX7qyJm5EWZISO8zvurJ7VCJOrAQkheCP0yL6zet3qC73N_twWFldR-Llb2yHUK14J2EIosRRgkyigEAu0RIadMD2fi7w
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi9yAXiDThyKpnZVICu%2B%2BmuoqxoEijR5JRx2LDT3bj0gHEqEpRrWfnVCp%2Ffov2%2BbyH76KxrsRx1KbM4Z7LYnx7uvONhg9g2UUH6SUGAFOjrCYrr9vFwnTH1W3aXfDAyZUuMmwt7G8tvv1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80992e81f9a9a208-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ie78rDEObHL9CQ4gtk1a8G%2BccqIvsIXb582C2ekrBfF4qSRR7zErjZ8jMFXDrSAuigiQjkDal%2Bw8N9%2FfHEjTCotBh53k3cFJlvn8SSAxeoBj8Ji6WhejMUBK3%2BNoWrDfFl%2FTmxFcDJVBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEMryvQOccdiIOk2xhqLdgBQ&google_cver=1&C=1
cache-control: no-cache
cf-ray: 80992e81b97fa208-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5B08
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQrBGZ5iNVDfayTCeMnnNAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMryvQOccdiIOk2xhqLdgBQ&google_cver=1

43 B
768 B

41ms
41ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMryvQOccdiIOk2xhqLdgBQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmfwKQCEKvXj6cCGIWYqvYBMAE&v=APEucNX7qyJm5EWZISO8zvurJ7VCJOrAQkheCP0yL6zet3qC73N_twWFldR-Llb2yHUK14J2EIosRRgkyigEAu0RIadMD2fi7w
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS9XXbpXVanIx1ERjHTVROyfOHFE%2FApzVDM3lOESVgOON8tzs6xiPGj6qE6Llwk0AAqzox2nWxe44u1SsiEfmP3L1AjmF3nBcuPyRksyxgSck2c87kak88wk%2BhnBP8EPwawf51Qq%2BxFNoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80992e82cfd838e5-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMryvQOccdiIOk2xhqLdgBQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 5B08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH94alabzkgWvh-rsBYHdIk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH94alabzkgWvh-rsBYHdIk%26google_cver%3D1

43 B
886 B

36ms
36ms

Image
image/gif

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH94alabzkgWvh-rsBYHdIk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmfwKQCEKvXj6cCGIWYqvYBMAE&v=APEucNX7qyJm5EWZISO8zvurJ7VCJOrAQkheCP0yL6zet3qC73N_twWFldR-Llb2yHUK14J2EIosRRgkyigEAu0RIadMD2fi7w

Protocol

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
an-x-request-uuid: 3c5c1c7a-992a-4002-9b4d-153bc0bc1138
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 153.92.40.99; 153.92.40.99; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
an-x-request-uuid: 31935474-6f51-4e57-94a3-91ae2e6547de
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH94alabzkgWvh-rsBYHdIk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 153.92.40.99; 153.92.40.99; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5B08
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMzE4MTE5MzY2NjA0NzEwMQ%3D%3D

170 B
243 B

47ms
46ms

Image
image/png

142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMzE4MTE5MzY2NjA0NzEwMQ%3D%3D

Requested by

Protocol

Server

142.250.31.155 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
an-x-request-uuid: d84d09d6-e581-4d00-8959-ed9bf3a37b1d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzMzE4MTE5MzY2NjA0NzEwMQ%3D%3D
x-proxy-origin: 153.92.40.99; 153.92.40.99; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2932 0
20 B 52ms
52ms Ping
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1261676023165&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2932 0
20 B 51ms
51ms Ping
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1261676023165&version=m202309120101&ct=76&x=1&cor=12831931333067821000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2932 87 KB
36 KB 79ms
79ms Script
text/javascript 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dx4A-Y-wF7bdfBQf2up4kwBlzWXdWch5VOlkapH04cfFNfBFLA1qZNLuLmz6ZUcFRhIhVVk7f1W9COxFdJ-XFg8nn7vg&cry=1&dbm_d=AKAmf-CzYZpqocszSMM36CnPjZ3hFu-K7s8JBnQmGhFPRPKgEXblCr8OsFcDIQok4rTxRgNi4zTG9jODAD5wxwX6VMEx62obNfPv3rMOsisvqHxDwp1azSNDywjj-vHq4D-26gTABiI4rJgPiJWrkoALpCzhfmU069XaR3XHlJ_M6jsDLMC4DeuynU1KSCbYGRdJ5TvtfEI2w8b_4tpM1O2ch1wqrWZPlh_UKF4c_ziS-5swV_3cj6Ehg0XL9-oWtTJbk7ZMj0ojNyxxpnwUKufjm6gZggOohw11S7zJuPSHKNJVpzc-qQkFJphgpvJOnInKhou7c8LfszXDhhhp-MiVbaTT0TXLur2CEGYzSYkSEiszfUJwz9IaY6M45B54Mc8IkE_jYmGbTAc-BuJqS9pqM8qEZ43L_Yp8Dg_WjY6g-SDu0q7we9eBJPDL_KWctd2nCVNwF3dy2ka_HSrMz_l3BmxXxSI1XNGPm_MgugFq459GpJ3a3stdh0yGTca_YozpgQk4J44s0jmBMlYawtJr8hJSnv-XorNSC2_hZKhBxFBtIIW2VQq76K1pGTJeoVM2HIjgFgfuh2k90fMHUkOXa3QYTKINBNcpTQAIcFFfAGLiODj84D2Cb3nicbjapbmV6Oj2eNGIyiH9OvcUvCq_yGhyOzQLUAWCFzbuuoXP5hcugy_JgBI-DXrFeK8W6apHl7JKFfKibg9nHJ7W9c15ug6paajAyEB8LcQTkIPApKCsWrsPFsc16wVvlgZHDoCzT-08nBm2mdZfG7YffNN3tv-QfDnBje9qb4KFQRlIG2lO0dGS5XEz1tGM96m346iIZO9L7ud9Op4qCDR1Ckiv-2ssGbYLJjKpWGiL6zErLls8pZbdbn8PRNtgudOQAccYC7yHo1V9A3YfFe0yOGxhrGuSz7mWycwL0L_0nt4PVR7-LbDB8CXX1lFe6A-DXpOYURe5p9nhlVA5tVMfbSVz4hiX9VwVAGz82rqdo4gkQvgF540SOutwdZbBkEXI4UPPzbOp6-ckpStHLdtDVDzyuGBSFvQqaAl40u3c5ZSCKD2hnUm3RJpQK7OugffdB36X1vyEULw-CvAU5hz0coiJRw2Tg0oQfWjNcAbixYk9pmzxiV17LATwV1uBC_vWRiVkWhSGOLpfy8VExMFQdjZaN3ChUikTYoHxt2XVZ2XG2z34TwJEYQXgg4k8p57pIQNARCVpgBm48j16BgNhE_UlZ-eyuMH-y3ZF1CR2CVXnCIhmp9U5061GyNzao75Ov1PPO4x8E4cWz6YJh64zxHre1FaGGDCINVfc5QiZvvR_0O90mbWj9gyyZ74FtS7qq29NFZdBKKax2Ro1N53d3Qjvt_jXYb9CQgzUfnUfPXgA0xzycwVwMCwtYBTLYH2TBIwYQ7q49_QmeuikHnDZ1kHf2mcp3Nqfz-aHflOKaYmaI-NzhiyRMRwV5M29IRqwCvwngQvhC1-sCEVPrYLHMpJN4ntzEBp19NkwZ_tilxOfuFmTIdD6A_Ulq5MkQpodAXo4f_-RWTHuC5qRoy2aO0yDOCdebhgMesuQ-01j8SzkVgO0AJ-S1jUnFc_ZXeaKEXKFDU1etzQv4kEWRpfoj0fM9Na8ydsU0pCXRNIGzGTt7i7BTv7GqtZ4xCV_PfLklPvfBdbZVxDvkZWkY6H4iWoFI6L99RfWX6Chcy_4wuE21mNp-hbHIwyvbEIuoIFF1La5CVF3B2crg443l-4UyKwTZqJoo70J4_khbim_hkX7p2PohMLRz1tqe-Mxtf2MjiDE2eRt9zrcGIShzFwxIyY_8LXbp7Xefwid3WV-sunMI5jtfHgiIPT5eJAAcit5YcdpoRBASQ5a5e-Uf_zxJgUZzJo9dXPQNLssDoT_x7RlL3V9gNeHUJ5CLoHNJj3UHjtruGZ0zowe8lDSEU8kTyJzvKQauM2Z7BfK8y8689Tvl8558y44HTLYg8y7a4V4F7Xge5LqHMHQUTOATAFIHZRLmnnoxJwNIrtpg1oE49TJxGNuHxgWePLr-zzTv5O4Dz9n-KIZGAT1O0qs072thwOmr2En9ybdjybEHIRH7fg1icwG00kQkXT6e1WGMNtYRgRhc_TbD8SCmXyxXmygDv52hzTyX2Glgh6UgHI27MzFe30sLgpjFyb-qLWGbgNQd0j6h36f6w1i0UcEh4u4ESKYuAV-aczMTO1ri4XhUoC6P7tdyyF_H5RTVPRtG_HbMG2TIuMjpKIj1EmM8OYpyVjpbj21yWzTd-t9XP8hOI4P_0WgROVQUfQ-qBnmzi0r7VXKVUDOj3d5tlKvul68NRSfuWTrKCkWnXbE0qTwrgvoN0GzENoI7j5_sTvASYVF28JJ1Zlfh1wuNL-kKikJdelUbWrFVL6IAd-adUZwhg7cV1lPdJSLSdDiBSAdtQOWlIZgJi1iO2u_fEwwN_RYkTnkBYmvXMnzKhGdBiIXv0x4sdnJQ0Nn2U6NjxrZjzSL0AmKFxMfJ0qTTQiRZo6vrhZ4rxGr2l_nMgw_eC4mM1zjecdtYMxQiBQRZbhsmmkqvzwLk3rQEDdsTd5I4l3Mjtlq-6tlmn1Do4jpeCrEMSRvBdZjzeseGDR9LThMOSbGzcwzR9kyrEeeEbL12qkqY3LQhP5_5kyKuSJTvNbbPkLQV1HPCUXDbhXmo3tXOaFm8dLZ4tAW6t8mautz-1V_BgxTKocLJIKO2gf2ZdDTW4pz8a1kYkknlGMTxmlEJF9sjSWLbxFpZZOCFLJFzdOlr8Hgk2hvv30UR4-DWTpvvZQ_wl8GYvlIX1rEEdVD5y8jCdHsFYHeL0Y3D01FQ43H7bFuXvxibyfXc0aYwxlvUv-nhggrTiWq5mycxkok7nyhX-c3nYbwySF-1tNGABVO7k-R1xQQtmATFvEVLNzQ3qlulsfW42u_XSaTO_eyfxyejkgUmToG2W81cN4x74TUIEdrdtf1rTjxLyNTs2Ua9Fd2lxaDUl91JPxqbE6jutYN5eASP1SVuTRSKUfs9bd0viFd5VvJbTLBOqL5IgR8iyrtbh-EJkO_kl9HYtpZUv14587K_rOYVX6oxiBsSKtVs8EOECLCRDC3sqkMqueacapAtxYJPYvyqvbZq77Y3H1ZVCWWctlOyFf2VevsVz2kBKk2kTAO6XIfJIPeeoGBYGSnE5mbZNyGxGSzGXCT3_fJZyDd6eh_IembVJqPfAiQnoap5uPyX9fqRf7xse0JDn1d-Gy9dvpPBLJUjaZIlPUtOBgJ7GHPoid-Xn1vdiocS54lRVujX42kYTtf2VxZsa0ezLgRGe1RY-ONHRy8BLB-QBVPIDqAvPUwqarAVnY64NI-iCQ3Yz9_drQKWLduifPbiL_NW9IfFjEcxzrbze8NtmxuhgDHyefThqbMjM2BCGXkLor8dZN4hVSr8-TUPOeEM_G5ZhNVNk63y2CzWbEoZZRhDZine35SssIZI1rsXiiL2TSoqIQ-khTpjMhOQ-ty3SmDDexH9Viee3QIpZit3RnRvvBk58iyIJMvpxvQ3q6ilnbZl64c5f3uMMoScdPgTOfMxz8JNTgY2nQA9Kh46aph4u3dGtib-BrxRPCKRDHNNC0sQFoiVV4tUFi3MOMOMKBb086gdsPN_4TMRoPOwNubIPaENcOC&cid=CAQSSwBpAlJW-Wz_qm84JwihXR_AtXLCzCJAm7tiF8zw42zWvVqjDr4l4LnQAFZLje4WbpHSHwsYkxbZJ2WTT1V9ivKHFSZiLyC7qpSHwhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsci-hub.mksa.top%2F&ds=l&xdt=1&iif=1&cor=12831931333067821000&adk=2124396030&idt=58&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9b4bb25af80a1d1573d25d6142d28fc7bf2b1efb9798853dca50a6c78858438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1695228808&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695203607840&bpp=2&bdt=310&idt=264&shv=r20230918&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=854821629206&frm=20&pv=1&ga_vid=1233008581.1695203608&ga_sid=1695203608&ga_hid=327869108&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077970%2C44792012&oid=2&pvsid=2794181503395630&tmod=195557708&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=GQzZGhyDCx&p=https%3A//sci-hub.mksa.top&dtd=269
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1650822/74321981/ Frame 2932 47 KB
12 KB 1133ms
54ms Script
application/javascript 54.174.246.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1650822/74321981/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dx4A-Y-wF7bdfBQf2up4kwBlzWXdWch5VOlkapH04cfFNfBFLA1qZNLuLmz6ZUcFRhIhVVk7f1W9COxFdJ-XFg8nn7vg&cry=1&dbm_d=AKAmf-CzYZpqocszSMM36CnPjZ3hFu-K7s8JBnQmGhFPRPKgEXblCr8OsFcDIQok4rTxRgNi4zTG9jODAD5wxwX6VMEx62obNfPv3rMOsisvqHxDwp1azSNDywjj-vHq4D-26gTABiI4rJgPiJWrkoALpCzhfmU069XaR3XHlJ_M6jsDLMC4DeuynU1KSCbYGRdJ5TvtfEI2w8b_4tpM1O2ch1wqrWZPlh_UKF4c_ziS-5swV_3cj6Ehg0XL9-oWtTJbk7ZMj0ojNyxxpnwUKufjm6gZggOohw11S7zJuPSHKNJVpzc-qQkFJphgpvJOnInKhou7c8LfszXDhhhp-MiVbaTT0TXLur2CEGYzSYkSEiszfUJwz9IaY6M45B54Mc8IkE_jYmGbTAc-BuJqS9pqM8qEZ43L_Yp8Dg_WjY6g-SDu0q7we9eBJPDL_KWctd2nCVNwF3dy2ka_HSrMz_l3BmxXxSI1XNGPm_MgugFq459GpJ3a3stdh0yGTca_YozpgQk4J44s0jmBMlYawtJr8hJSnv-XorNSC2_hZKhBxFBtIIW2VQq76K1pGTJeoVM2HIjgFgfuh2k90fMHUkOXa3QYTKINBNcpTQAIcFFfAGLiODj84D2Cb3nicbjapbmV6Oj2eNGIyiH9OvcUvCq_yGhyOzQLUAWCFzbuuoXP5hcugy_JgBI-DXrFeK8W6apHl7JKFfKibg9nHJ7W9c15ug6paajAyEB8LcQTkIPApKCsWrsPFsc16wVvlgZHDoCzT-08nBm2mdZfG7YffNN3tv-QfDnBje9qb4KFQRlIG2lO0dGS5XEz1tGM96m346iIZO9L7ud9Op4qCDR1Ckiv-2ssGbYLJjKpWGiL6zErLls8pZbdbn8PRNtgudOQAccYC7yHo1V9A3YfFe0yOGxhrGuSz7mWycwL0L_0nt4PVR7-LbDB8CXX1lFe6A-DXpOYURe5p9nhlVA5tVMfbSVz4hiX9VwVAGz82rqdo4gkQvgF540SOutwdZbBkEXI4UPPzbOp6-ckpStHLdtDVDzyuGBSFvQqaAl40u3c5ZSCKD2hnUm3RJpQK7OugffdB36X1vyEULw-CvAU5hz0coiJRw2Tg0oQfWjNcAbixYk9pmzxiV17LATwV1uBC_vWRiVkWhSGOLpfy8VExMFQdjZaN3ChUikTYoHxt2XVZ2XG2z34TwJEYQXgg4k8p57pIQNARCVpgBm48j16BgNhE_UlZ-eyuMH-y3ZF1CR2CVXnCIhmp9U5061GyNzao75Ov1PPO4x8E4cWz6YJh64zxHre1FaGGDCINVfc5QiZvvR_0O90mbWj9gyyZ74FtS7qq29NFZdBKKax2Ro1N53d3Qjvt_jXYb9CQgzUfnUfPXgA0xzycwVwMCwtYBTLYH2TBIwYQ7q49_QmeuikHnDZ1kHf2mcp3Nqfz-aHflOKaYmaI-NzhiyRMRwV5M29IRqwCvwngQvhC1-sCEVPrYLHMpJN4ntzEBp19NkwZ_tilxOfuFmTIdD6A_Ulq5MkQpodAXo4f_-RWTHuC5qRoy2aO0yDOCdebhgMesuQ-01j8SzkVgO0AJ-S1jUnFc_ZXeaKEXKFDU1etzQv4kEWRpfoj0fM9Na8ydsU0pCXRNIGzGTt7i7BTv7GqtZ4xCV_PfLklPvfBdbZVxDvkZWkY6H4iWoFI6L99RfWX6Chcy_4wuE21mNp-hbHIwyvbEIuoIFF1La5CVF3B2crg443l-4UyKwTZqJoo70J4_khbim_hkX7p2PohMLRz1tqe-Mxtf2MjiDE2eRt9zrcGIShzFwxIyY_8LXbp7Xefwid3WV-sunMI5jtfHgiIPT5eJAAcit5YcdpoRBASQ5a5e-Uf_zxJgUZzJo9dXPQNLssDoT_x7RlL3V9gNeHUJ5CLoHNJj3UHjtruGZ0zowe8lDSEU8kTyJzvKQauM2Z7BfK8y8689Tvl8558y44HTLYg8y7a4V4F7Xge5LqHMHQUTOATAFIHZRLmnnoxJwNIrtpg1oE49TJxGNuHxgWePLr-zzTv5O4Dz9n-KIZGAT1O0qs072thwOmr2En9ybdjybEHIRH7fg1icwG00kQkXT6e1WGMNtYRgRhc_TbD8SCmXyxXmygDv52hzTyX2Glgh6UgHI27MzFe30sLgpjFyb-qLWGbgNQd0j6h36f6w1i0UcEh4u4ESKYuAV-aczMTO1ri4XhUoC6P7tdyyF_H5RTVPRtG_HbMG2TIuMjpKIj1EmM8OYpyVjpbj21yWzTd-t9XP8hOI4P_0WgROVQUfQ-qBnmzi0r7VXKVUDOj3d5tlKvul68NRSfuWTrKCkWnXbE0qTwrgvoN0GzENoI7j5_sTvASYVF28JJ1Zlfh1wuNL-kKikJdelUbWrFVL6IAd-adUZwhg7cV1lPdJSLSdDiBSAdtQOWlIZgJi1iO2u_fEwwN_RYkTnkBYmvXMnzKhGdBiIXv0x4sdnJQ0Nn2U6NjxrZjzSL0AmKFxMfJ0qTTQiRZo6vrhZ4rxGr2l_nMgw_eC4mM1zjecdtYMxQiBQRZbhsmmkqvzwLk3rQEDdsTd5I4l3Mjtlq-6tlmn1Do4jpeCrEMSRvBdZjzeseGDR9LThMOSbGzcwzR9kyrEeeEbL12qkqY3LQhP5_5kyKuSJTvNbbPkLQV1HPCUXDbhXmo3tXOaFm8dLZ4tAW6t8mautz-1V_BgxTKocLJIKO2gf2ZdDTW4pz8a1kYkknlGMTxmlEJF9sjSWLbxFpZZOCFLJFzdOlr8Hgk2hvv30UR4-DWTpvvZQ_wl8GYvlIX1rEEdVD5y8jCdHsFYHeL0Y3D01FQ43H7bFuXvxibyfXc0aYwxlvUv-nhggrTiWq5mycxkok7nyhX-c3nYbwySF-1tNGABVO7k-R1xQQtmATFvEVLNzQ3qlulsfW42u_XSaTO_eyfxyejkgUmToG2W81cN4x74TUIEdrdtf1rTjxLyNTs2Ua9Fd2lxaDUl91JPxqbE6jutYN5eASP1SVuTRSKUfs9bd0viFd5VvJbTLBOqL5IgR8iyrtbh-EJkO_kl9HYtpZUv14587K_rOYVX6oxiBsSKtVs8EOECLCRDC3sqkMqueacapAtxYJPYvyqvbZq77Y3H1ZVCWWctlOyFf2VevsVz2kBKk2kTAO6XIfJIPeeoGBYGSnE5mbZNyGxGSzGXCT3_fJZyDd6eh_IembVJqPfAiQnoap5uPyX9fqRf7xse0JDn1d-Gy9dvpPBLJUjaZIlPUtOBgJ7GHPoid-Xn1vdiocS54lRVujX42kYTtf2VxZsa0ezLgRGe1RY-ONHRy8BLB-QBVPIDqAvPUwqarAVnY64NI-iCQ3Yz9_drQKWLduifPbiL_NW9IfFjEcxzrbze8NtmxuhgDHyefThqbMjM2BCGXkLor8dZN4hVSr8-TUPOeEM_G5ZhNVNk63y2CzWbEoZZRhDZine35SssIZI1rsXiiL2TSoqIQ-khTpjMhOQ-ty3SmDDexH9Viee3QIpZit3RnRvvBk58iyIJMvpxvQ3q6ilnbZl64c5f3uMMoScdPgTOfMxz8JNTgY2nQA9Kh46aph4u3dGtib-BrxRPCKRDHNNC0sQFoiVV4tUFi3MOMOMKBb086gdsPN_4TMRoPOwNubIPaENcOC&cid=CAQSSwBpAlJW-Wz_qm84JwihXR_AtXLCzCJAm7tiF8zw42zWvVqjDr4l4LnQAFZLje4WbpHSHwsYkxbZJ2WTT1V9ivKHFSZiLyC7qpSHwhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsci-hub.mksa.top%2F&ds=l&xdt=1&iif=1&cor=12831931333067821000&adk=2124396030&idt=58&cac=0&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.246.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-246-148.compute-1.amazonaws.com
Software: /
Resource Hash: cd6aa2a925c3fd46d50abe53e3a8eb2ce03694006362a35fe63f184a73b30cf6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 09:53:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 2932 30 KB
11 KB 36ms
36ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dx4A-Y-wF7bdfBQf2up4kwBlzWXdWch5VOlkapH04cfFNfBFLA1qZNLuLmz6ZUcFRhIhVVk7f1W9COxFdJ-XFg8nn7vg&cry=1&dbm_d=AKAmf-CzYZpqocszSMM36CnPjZ3hFu-K7s8JBnQmGhFPRPKgEXblCr8OsFcDIQok4rTxRgNi4zTG9jODAD5wxwX6VMEx62obNfPv3rMOsisvqHxDwp1azSNDywjj-vHq4D-26gTABiI4rJgPiJWrkoALpCzhfmU069XaR3XHlJ_M6jsDLMC4DeuynU1KSCbYGRdJ5TvtfEI2w8b_4tpM1O2ch1wqrWZPlh_UKF4c_ziS-5swV_3cj6Ehg0XL9-oWtTJbk7ZMj0ojNyxxpnwUKufjm6gZggOohw11S7zJuPSHKNJVpzc-qQkFJphgpvJOnInKhou7c8LfszXDhhhp-MiVbaTT0TXLur2CEGYzSYkSEiszfUJwz9IaY6M45B54Mc8IkE_jYmGbTAc-BuJqS9pqM8qEZ43L_Yp8Dg_WjY6g-SDu0q7we9eBJPDL_KWctd2nCVNwF3dy2ka_HSrMz_l3BmxXxSI1XNGPm_MgugFq459GpJ3a3stdh0yGTca_YozpgQk4J44s0jmBMlYawtJr8hJSnv-XorNSC2_hZKhBxFBtIIW2VQq76K1pGTJeoVM2HIjgFgfuh2k90fMHUkOXa3QYTKINBNcpTQAIcFFfAGLiODj84D2Cb3nicbjapbmV6Oj2eNGIyiH9OvcUvCq_yGhyOzQLUAWCFzbuuoXP5hcugy_JgBI-DXrFeK8W6apHl7JKFfKibg9nHJ7W9c15ug6paajAyEB8LcQTkIPApKCsWrsPFsc16wVvlgZHDoCzT-08nBm2mdZfG7YffNN3tv-QfDnBje9qb4KFQRlIG2lO0dGS5XEz1tGM96m346iIZO9L7ud9Op4qCDR1Ckiv-2ssGbYLJjKpWGiL6zErLls8pZbdbn8PRNtgudOQAccYC7yHo1V9A3YfFe0yOGxhrGuSz7mWycwL0L_0nt4PVR7-LbDB8CXX1lFe6A-DXpOYURe5p9nhlVA5tVMfbSVz4hiX9VwVAGz82rqdo4gkQvgF540SOutwdZbBkEXI4UPPzbOp6-ckpStHLdtDVDzyuGBSFvQqaAl40u3c5ZSCKD2hnUm3RJpQK7OugffdB36X1vyEULw-CvAU5hz0coiJRw2Tg0oQfWjNcAbixYk9pmzxiV17LATwV1uBC_vWRiVkWhSGOLpfy8VExMFQdjZaN3ChUikTYoHxt2XVZ2XG2z34TwJEYQXgg4k8p57pIQNARCVpgBm48j16BgNhE_UlZ-eyuMH-y3ZF1CR2CVXnCIhmp9U5061GyNzao75Ov1PPO4x8E4cWz6YJh64zxHre1FaGGDCINVfc5QiZvvR_0O90mbWj9gyyZ74FtS7qq29NFZdBKKax2Ro1N53d3Qjvt_jXYb9CQgzUfnUfPXgA0xzycwVwMCwtYBTLYH2TBIwYQ7q49_QmeuikHnDZ1kHf2mcp3Nqfz-aHflOKaYmaI-NzhiyRMRwV5M29IRqwCvwngQvhC1-sCEVPrYLHMpJN4ntzEBp19NkwZ_tilxOfuFmTIdD6A_Ulq5MkQpodAXo4f_-RWTHuC5qRoy2aO0yDOCdebhgMesuQ-01j8SzkVgO0AJ-S1jUnFc_ZXeaKEXKFDU1etzQv4kEWRpfoj0fM9Na8ydsU0pCXRNIGzGTt7i7BTv7GqtZ4xCV_PfLklPvfBdbZVxDvkZWkY6H4iWoFI6L99RfWX6Chcy_4wuE21mNp-hbHIwyvbEIuoIFF1La5CVF3B2crg443l-4UyKwTZqJoo70J4_khbim_hkX7p2PohMLRz1tqe-Mxtf2MjiDE2eRt9zrcGIShzFwxIyY_8LXbp7Xefwid3WV-sunMI5jtfHgiIPT5eJAAcit5YcdpoRBASQ5a5e-Uf_zxJgUZzJo9dXPQNLssDoT_x7RlL3V9gNeHUJ5CLoHNJj3UHjtruGZ0zowe8lDSEU8kTyJzvKQauM2Z7BfK8y8689Tvl8558y44HTLYg8y7a4V4F7Xge5LqHMHQUTOATAFIHZRLmnnoxJwNIrtpg1oE49TJxGNuHxgWePLr-zzTv5O4Dz9n-KIZGAT1O0qs072thwOmr2En9ybdjybEHIRH7fg1icwG00kQkXT6e1WGMNtYRgRhc_TbD8SCmXyxXmygDv52hzTyX2Glgh6UgHI27MzFe30sLgpjFyb-qLWGbgNQd0j6h36f6w1i0UcEh4u4ESKYuAV-aczMTO1ri4XhUoC6P7tdyyF_H5RTVPRtG_HbMG2TIuMjpKIj1EmM8OYpyVjpbj21yWzTd-t9XP8hOI4P_0WgROVQUfQ-qBnmzi0r7VXKVUDOj3d5tlKvul68NRSfuWTrKCkWnXbE0qTwrgvoN0GzENoI7j5_sTvASYVF28JJ1Zlfh1wuNL-kKikJdelUbWrFVL6IAd-adUZwhg7cV1lPdJSLSdDiBSAdtQOWlIZgJi1iO2u_fEwwN_RYkTnkBYmvXMnzKhGdBiIXv0x4sdnJQ0Nn2U6NjxrZjzSL0AmKFxMfJ0qTTQiRZo6vrhZ4rxGr2l_nMgw_eC4mM1zjecdtYMxQiBQRZbhsmmkqvzwLk3rQEDdsTd5I4l3Mjtlq-6tlmn1Do4jpeCrEMSRvBdZjzeseGDR9LThMOSbGzcwzR9kyrEeeEbL12qkqY3LQhP5_5kyKuSJTvNbbPkLQV1HPCUXDbhXmo3tXOaFm8dLZ4tAW6t8mautz-1V_BgxTKocLJIKO2gf2ZdDTW4pz8a1kYkknlGMTxmlEJF9sjSWLbxFpZZOCFLJFzdOlr8Hgk2hvv30UR4-DWTpvvZQ_wl8GYvlIX1rEEdVD5y8jCdHsFYHeL0Y3D01FQ43H7bFuXvxibyfXc0aYwxlvUv-nhggrTiWq5mycxkok7nyhX-c3nYbwySF-1tNGABVO7k-R1xQQtmATFvEVLNzQ3qlulsfW42u_XSaTO_eyfxyejkgUmToG2W81cN4x74TUIEdrdtf1rTjxLyNTs2Ua9Fd2lxaDUl91JPxqbE6jutYN5eASP1SVuTRSKUfs9bd0viFd5VvJbTLBOqL5IgR8iyrtbh-EJkO_kl9HYtpZUv14587K_rOYVX6oxiBsSKtVs8EOECLCRDC3sqkMqueacapAtxYJPYvyqvbZq77Y3H1ZVCWWctlOyFf2VevsVz2kBKk2kTAO6XIfJIPeeoGBYGSnE5mbZNyGxGSzGXCT3_fJZyDd6eh_IembVJqPfAiQnoap5uPyX9fqRf7xse0JDn1d-Gy9dvpPBLJUjaZIlPUtOBgJ7GHPoid-Xn1vdiocS54lRVujX42kYTtf2VxZsa0ezLgRGe1RY-ONHRy8BLB-QBVPIDqAvPUwqarAVnY64NI-iCQ3Yz9_drQKWLduifPbiL_NW9IfFjEcxzrbze8NtmxuhgDHyefThqbMjM2BCGXkLor8dZN4hVSr8-TUPOeEM_G5ZhNVNk63y2CzWbEoZZRhDZine35SssIZI1rsXiiL2TSoqIQ-khTpjMhOQ-ty3SmDDexH9Viee3QIpZit3RnRvvBk58iyIJMvpxvQ3q6ilnbZl64c5f3uMMoScdPgTOfMxz8JNTgY2nQA9Kh46aph4u3dGtib-BrxRPCKRDHNNC0sQFoiVV4tUFi3MOMOMKBb086gdsPN_4TMRoPOwNubIPaENcOC&cid=CAQSSwBpAlJW-Wz_qm84JwihXR_AtXLCzCJAm7tiF8zw42zWvVqjDr4l4LnQAFZLje4WbpHSHwsYkxbZJ2WTT1V9ivKHFSZiLyC7qpSHwhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fsci-hub.mksa.top%2F&ds=l&xdt=1&iif=1&cor=12831931333067821000&adk=2124396030&idt=58&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 20:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 20:07:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/ Frame 2932 11 KB
4 KB 37ms
37ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:57:26 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2932 0
0 293ms
56ms Fetch
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNUqBAGgFtrtrf8gJ7z7b39bGziO-lz4-x9WEjQw2iqK8H9AWYjaJZFBhEsDV1U0MOb0JpjZ1R87w5RWy9pZkX52hiIbufpvo2C3hdrDWYa3XiVxkaTI0SE0IBYEVtIJQwCXoTd9k1AczsPgwDSRVFXKKebED0G2LUF6OUVx-gdjARNaWEvH9PFQtXBRSrZft6gBEMB3GIRnhohgTzBAFv3_fPWtq7V1VIxVCtksxKg_EruiGnhbEDZFmvpj-PN6jxBGOL5ln0ztPUl4F372QBMpPBk4oUwN01BeNIm4NvnZJXmPJYaiUAyEo_ELd0DFS2aF15bXj4h2BacUIR-AEPMqDfCxo87E3AsBV_eqh7EikmHGrVnmoJ79bkltUeB48T5WLByUIBy3R2EigASUMtG4BOe2M1hst1jK1TWQ9SNYCdMBoMhsEyVClUfnyqXFUD-I47fJ97FCGMZZ3PvWWPKkv-ItoiW1HqmS5D07KoYsGLEtMockPrGuM8yuh708y1eqmYIBav05bDywQS31APlx2hOEc9CgXZ583647QFxvh2yWzxl5IqLvxHIhd-As3kw5atQv74X2UgcZLa8ECHBH3IFVz4Jb9r9Xn6qk9huGI9Ar-IuYyLHfCAuZnb_65Hy0IBC2Db6_xQjLeZRAVBmLCjCEMSDowmUGVs33ghzY_eewTxxZCA_agP4mPGNA67IPQYFBw0_bpE-XjN_-_zbe_Jp0eE3J9KTxdcvjFDU4TWP4rWlsMJOlFZuyuo6cjRehgvnlh8GXu03HIQVMvniS1yaujsKrICTBGjFqgEFE6PRwfbBhnUCFLWJQXvBTQ-zLvK-lKNYHogSXtIF9oZ6UqYCOGkMNG93FHnnCgcOjsXfaF3Nv80JK8cwfxZjuvsF5-qlx3XmgKwIHLt5cmQrGejDhUEyTRZQHxgQNC_m_NDPC94OIwDpsTZ2wu74W-eKJpwJVKDJZtvqIeFmcqv8Nfx0KujRbmVuZuVfrKf9gTsmfXWYI81Z0mQ3QhvAFxDFJshIAbNT0BxfUpKDSKvNBO8wMxcJ7-Bpc8XsqEnWQgUWGEpFtWdX1TormQOEhI9o7XcPmHbUhi8VV6UZqe5gNxcrWygcS1fcWjL7XeKL-KT_8ZeJrh-cIcxlPiqdUPF4uiIy6myGWF3WJqCZhYJE20I5uxZXS7ZIFJw5HZABG3_fnZCl3P1CMNSuhvQs5wlbRZj2_D2wUpgdlFhr_ZdSByDisxVseNAE-KGUHbMaCspJuDbk8A6dMgijtOe9jHLIQ4bhwQIT7Z13OfKovS0X1pCVCoByidw7WnxS8eDMRCNTpJ17dD1hd_aWix2CV_6L_MOunW5AfuB4UmCGHoPsQ&sai=AMfl-YSmK5c0YSrhGNoxOereMaioulZvQFaFpAnI2vKe0lJpGV-icQG4DC3pNUSwpjU50SDb4yOPLN4OuTmWbjQJWif7UZqqbO7o-KVKkhSW8DzDl7Yc7KnZNOHk6MdjQpQHk4pX01naYPl3vX5a6seVa1oM8qj8yUz-6yrk7CQ7qZjpBe9OlDTq5JIPFM-h-mWmdEaTdFQVaLka66jRI9p0fwWKjH7L2pvnwjI2dUFSPy3NTbkHsaAcYLBX8wrXp5qScdH7XWBrbqjQc8DuLsWRsba26Cw-ckyf&sig=Cg0ArKJSzO7kc_OWWNsOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230918.47569&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Sep 2023 09:53:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 20 Sep 2023 09:53:28 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2932 41 KB
14 KB 37ms
36ms Script
text/javascript 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 03:29:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2024 03:29:03 GMT

GET
H2 200 7869795595591874522
s0.2mdn.net/simgad/ Frame 2932 103 KB
103 KB 114ms
36ms Image
image/png 172.253.62.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7869795595591874522

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f149.1e100.net

Software

sffe /

Resource Hash

9424d0b642baf9325f737b9f9ea126727a2b0724a47ed8bd5bb03f6735dce189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 04:44:40 GMT
x-content-type-options: nosniff
age: 18528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105105
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 19:12:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Sep 2024 04:44:40 GMT

GET
DATA 200
OK truncated
/ Frame 2932 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29b41106e2f73ac3140df5492401d9db0b3788b56d399fd745d76fdfaf132ff3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 69FC 22 KB
8 KB 37ms
36ms Document
text/html 142.251.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 113675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 02:18:53 GMT
expires: Wed, 18 Sep 2024 02:18:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame 69FC 38 KB
14 KB 37ms
37ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 447495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 05:35:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2932 0
0 121ms
48ms Fetch
image/gif 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNUqBAGgFtrtrf8gJ7z7b39bGziO-lz4-x9WEjQw2iqK8H9AWYjaJZFBhEsDV1U0MOb0JpjZ1R87w5RWy9pZkX52hiIbufpvo2C3hdrDWYa3XiVxkaTI0SE0IBYEVtIJQwCXoTd9k1AczsPgwDSRVFXKKebED0G2LUF6OUVx-gdjARNaWEvH9PFQtXBRSrZft6gBEMB3GIRnhohgTzBAFv3_fPWtq7V1VIxVCtksxKg_EruiGnhbEDZFmvpj-PN6jxBGOL5ln0ztPUl4F372QBMpPBk4oUwN01BeNIm4NvnZJXmPJYaiUAyEo_ELd0DFS2aF15bXj4h2BacUIR-AEPMqDfCxo87E3AsBV_eqh7EikmHGrVnmoJ79bkltUeB48T5WLByUIBy3R2EigASUMtG4BOe2M1hst1jK1TWQ9SNYCdMBoMhsEyVClUfnyqXFUD-I47fJ97FCGMZZ3PvWWPKkv-ItoiW1HqmS5D07KoYsGLEtMockPrGuM8yuh708y1eqmYIBav05bDywQS31APlx2hOEc9CgXZ583647QFxvh2yWzxl5IqLvxHIhd-As3kw5atQv74X2UgcZLa8ECHBH3IFVz4Jb9r9Xn6qk9huGI9Ar-IuYyLHfCAuZnb_65Hy0IBC2Db6_xQjLeZRAVBmLCjCEMSDowmUGVs33ghzY_eewTxxZCA_agP4mPGNA67IPQYFBw0_bpE-XjN_-_zbe_Jp0eE3J9KTxdcvjFDU4TWP4rWlsMJOlFZuyuo6cjRehgvnlh8GXu03HIQVMvniS1yaujsKrICTBGjFqgEFE6PRwfbBhnUCFLWJQXvBTQ-zLvK-lKNYHogSXtIF9oZ6UqYCOGkMNG93FHnnCgcOjsXfaF3Nv80JK8cwfxZjuvsF5-qlx3XmgKwIHLt5cmQrGejDhUEyTRZQHxgQNC_m_NDPC94OIwDpsTZ2wu74W-eKJpwJVKDJZtvqIeFmcqv8Nfx0KujRbmVuZuVfrKf9gTsmfXWYI81Z0mQ3QhvAFxDFJshIAbNT0BxfUpKDSKvNBO8wMxcJ7-Bpc8XsqEnWQgUWGEpFtWdX1TormQOEhI9o7XcPmHbUhi8VV6UZqe5gNxcrWygcS1fcWjL7XeKL-KT_8ZeJrh-cIcxlPiqdUPF4uiIy6myGWF3WJqCZhYJE20I5uxZXS7ZIFJw5HZABG3_fnZCl3P1CMNSuhvQs5wlbRZj2_D2wUpgdlFhr_ZdSByDisxVseNAE-KGUHbMaCspJuDbk8A6dMgijtOe9jHLIQ4bhwQIT7Z13OfKovS0X1pCVCoByidw7WnxS8eDMRCNTpJ17dD1hd_aWix2CV_6L_MOunW5AfuB4UmCGHoPsQ&sai=AMfl-YSmK5c0YSrhGNoxOereMaioulZvQFaFpAnI2vKe0lJpGV-icQG4DC3pNUSwpjU50SDb4yOPLN4OuTmWbjQJWif7UZqqbO7o-KVKkhSW8DzDl7Yc7KnZNOHk6MdjQpQHk4pX01naYPl3vX5a6seVa1oM8qj8yUz-6yrk7CQ7qZjpBe9OlDTq5JIPFM-h-mWmdEaTdFQVaLka66jRI9p0fwWKjH7L2pvnwjI2dUFSPy3NTbkHsaAcYLBX8wrXp5qScdH7XWBrbqjQc8DuLsWRsba26Cw-ckyf&sig=Cg0ArKJSzO7kc_OWWNsOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&vt=11&dtpt=164&dett=2&cstd=0&cisv=r20230918.47569&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 09:53:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Sep 2023 09:53:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69FC 0
20 B 53ms
53ms Image
image/gif 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BStXqGMEKZYXQJfLMoPwP76mPgAkAAAAAOAHgBAI&bg=!REelRwjNAAZQjyUVcI87ADQBe5WfOGYCkUq5zUV3AzUYO4rJ1uwg1LLrX8svhjbDDJeG_Fa7-vrYyeDhFN6-_etVvGJNAgAAAElSAAAABWgBBwoAQtGpYP7tBMf8JL7ChCbeWAd3M-9m1SarYqgpYpzLKniiPFvO-AXFUmvbhtID2X-72i4LNnxvPKPwuGdBcFK8XV_bfJkC-LfQGt1WE3q91uA6bgtdi84RLeNS__RSluakBPYZ5PIaZod6aKnLeC5-ja3NLJeYugqIYscrRvlF8AHb_-fSbgo3krjWtsus-3GWf0SLomhz_b6PxnGZ1I5urvfnUGQO4_Goe6dm0lQ-U0p4wW9fHi28K2cK-jfD2knZrBB8_pZXmjsVHdt7FcDFv7hvs0bxjNEloLPiAWkXuqAyBYp7B2IKEoeSNPNk2jy_f8MaiYCivXtsQ769yymGz1VJ-XWeXnKBKWwpdhbk6UeIBdaNDaafMtZPhfipHs-FT5FkZvv5R4pNkAt3_Wc096eVPgjfjcgcgODmic6Iv3no2MDK2OE3iJmGsMsRyAbu7GOoCQZmTWSEs7Vv6LZig2Y6mXzk3z5vnHXc6iOvibgWrcBs2G7JcxZSwLOzzyb6u9-7_8TmTB8BSV-2F5PUdLkqCpyQ3RNAQDYTqkICCSa7yybj0_oW25US6iF8GpZ1tk5hlVnagfqfiPlmgn7v0buRoctjvtgldq6EoDfF1oO_LA6TUHFttNudbaWE5hzuPfL9RelDP4ueZbdrom3LN1_o__L6YQ3PibsO1er_xCtO1j4qCZ_JBvvYmo4DxKuI9itnJVW1g55tn0Y0ecqrtoRCd6fUUivMsG0qvmcQ9_9M0XkoE9OHDwyVEhFdm20yV-7HosfvTc-IIhnxxubivUBoq3g_FRsQMd-MU14zMZgarnuAvTeRrgXU33xdVMO8M81PIN-bySHdP0wXeLmXu9dxSnvzRyLbjEP8FLWxEmwXqIQyBXZVpk4UhhlVHpSdZ-wREJMs8iwcDkqvji8uhka85Jt5viCMmnCBXXO8JKW_gICGlP4J1PDqTPifLu_V8aLz-XuFN7eXj0TQmiQjkkdac_6HMj3hgJofltGwwuZt_ui09ZTxiNwTctkMbt2jDx7gsrOoGHApOB0ip4oawxy0uwVdliiUoHjzF7uMBRNudJPNQEKGyPZMBB2SVYl-uiwWg_ecNUgE7_jDfXk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS