sci-hub.hkvisa.net Open in urlscan Pro
185.178.208.158  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

• https://d.agkn.com/pixel/2175/?google_gid=CAESEC1IzqFmhEEMyygDrwP1lBg&google_cver=1&google_push=AYg5qPIVe0WM0migZTIXH8z81oTOjcT1jn3V4w4l06NAfss3zPmYS8Mk880qk0cH7G_mnfs2rHIzFpLzcgcVjDf9fmNQK72N1yM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIVe0WM0migZTIXH8z81oTOjcT1jn3V4w4l06NAfss3zPmYS8Mk880qk0cH7G_mnfs2rHIzFpLzcgcVjDf9fmNQK72N1yM&google_hm=Q0FFU0VDMUl6cUZtaEVFTXl5Z0Ryd1AxbEJn

Request Chain 92

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBsxjvc2iacvzgZoiw3z4KA&google_cver=1&google_push=AYg5qPL4XgCL7bGL1wLcBArhDT6DuQKguXUYJEJx-aGJxH3Crl6Y8ISDjanaFxFnkit5mImPmQow3yAlZdhy3j31hewdMf8eW_F0 HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBsxjvc2iacvzgZoiw3z4KA&google_cver=1&google_push=AYg5qPL4XgCL7bGL1wLcBArhDT6DuQKguXUYJEJx-aGJxH3Crl6Y8ISDjanaFxFnkit5mImPmQow3yAlZdhy3j31hewdMf8eW_F0&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4XgCL7bGL1wLcBArhDT6DuQKguXUYJEJx-aGJxH3Crl6Y8ISDjanaFxFnkit5mImPmQow3yAlZdhy3j31hewdMf8eW_F0

Request Chain 93

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMgVFSIorRnurZLfZzT3fXQ&google_cver=1&google_push=AYg5qPLwqHv_Pj5q7DOcSmfotjFOai8CjXjreGr0aXy3zF7rz6lLkfx0t99Yx6N3usjFf64U7ygS_bRUmWVtvTiP0SN-mFRd0OE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI1WDgtMUotQTQzTg==&google_push=AYg5qPLwqHv_Pj5q7DOcSmfotjFOai8CjXjreGr0aXy3zF7rz6lLkfx0t99Yx6N3usjFf64U7ygS_bRUmWVtvTiP0SN-mFRd0OE

Request Chain 94

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_cver=1&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h

Request Chain 96

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM_b-7y0hekTo1-gD38dWBY&google_cver=1&google_push=AYg5qPLAUZDJG9b9WXpDqIXl3p_E_Lt15lDqyIzebSABzK3r2Q7QyIGctQmXamL4Yqz2ZZu8oRv3ydXSTDZEX06u2y3TbOemqDeb HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLAUZDJG9b9WXpDqIXl3p_E_Lt15lDqyIzebSABzK3r2Q7QyIGctQmXamL4Yqz2ZZu8oRv3ydXSTDZEX06u2y3TbOemqDeb&google_hm=DOeTxqTzCqfdLko4iYvcVg

Request Chain 136

• https://d.agkn.com/pixel/2175/?google_gid=CAESEAyx8UwLDvp69bbl-JmaDsM&google_cver=1&google_push=AYg5qPJeXqN6IopYGVVBW7Nxu0rDIpZjT8sGPPND4bSdwKGOfwAbMDBVl9o_ruEnw_PKsIZIJm9wGvwTDlORjYKN23QmwSYL7riaAw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJeXqN6IopYGVVBW7Nxu0rDIpZjT8sGPPND4bSdwKGOfwAbMDBVl9o_ruEnw_PKsIZIJm9wGvwTDlORjYKN23QmwSYL7riaAw&google_hm=Q0FFU0VBeXg4VXdMRHZwNjliYmwtSm1hRHNN

Request Chain 138

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM_cCE9cJnSO-h5LQQ2hgrg&google_cver=1&google_push=AYg5qPJcW34MbifrpMPlugoqCvoSeYp6Rt2iYr1MBg2CZUCxyoxzBEm_hIHlLEz--yeXsZRWjm1x7YdIoox2d7YdHGQ6sFWyvKdNng HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcW34MbifrpMPlugoqCvoSeYp6Rt2iYr1MBg2CZUCxyoxzBEm_hIHlLEz--yeXsZRWjm1x7YdIoox2d7YdHGQ6sFWyvKdNng

Request Chain 139

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAR3woCt-SMyPRTp2Mk8-2M&google_cver=1&google_push=AYg5qPIVg3Q5Di97zk2HeabX-IG0etBIC851zYEcozTyjRfdcFGVBIygzG8svUpiEO1cUNQzm9MHk2Jq8qSDJqntUlwTIpxiQQFhSQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI2NlItUy1KR1Ay&google_push=AYg5qPIVg3Q5Di97zk2HeabX-IG0etBIC851zYEcozTyjRfdcFGVBIygzG8svUpiEO1cUNQzm9MHk2Jq8qSDJqntUlwTIpxiQQFhSQ

Request Chain 140

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1

Request Chain 141

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECtf48FYOKYYAN_ZABwxsVQ&google_cver=1&google_push=AYg5qPJRvhYIzifey42AZuO8s-iqB-X7sAiwXUOezUGraJLuVyuH_yxpo9ZjCGIrdifrM_6D1d8Q0ior-y4jUaeTLe0TMPXP_dI8CNU HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJRvhYIzifey42AZuO8s-iqB-X7sAiwXUOezUGraJLuVyuH_yxpo9ZjCGIrdifrM_6D1d8Q0ior-y4jUaeTLe0TMPXP_dI8CNU&google_hm=

Request Chain 146

• https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
• https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

Request Chain 160

• https://p1.ntvk1.ru/nps HTTP 302
• https://optinder.com/cro

Request Chain 166

• https://dmg.digitaltarget.ru/1/7248/i/i?i=414458319025465.800793575578828&c=tg:adcm_pc HTTP 302
• https://dmg.digitaltarget.ru/1/7248/i/i?i=414458319025465.800793575578828&c=tg:adcm_pc&q=scc

Request Chain 167

• https://dmg.digitaltarget.ru/1/6534/i/i?i=414458319025465.179980478499214&c=tg:adcm_pc HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=414458319025465.179980478499214&c=tg:adcm_pc HTTP 307
• https://fnc.rt.ru/1/6532/i/i?i=3l1z-LP58v0HteR76p0H&c=tg:rds_6534 HTTP 307
• https://fnc.rt.ru/awg/custom/6532/i/i?call_source=awg&i=3l1z-LP58v0HteR76p0H&c=tg:rds_6534 HTTP 307
• https://dmg.digitaltarget.ru/1/6533/i/i?i=xKMWRuE5oGHzZkK7FuhZ&a=774&e=8fvlvR854OA2.3k7F5F1

Request Chain 168

• https://dmg.digitaltarget.ru/1/1086/i/i?i=414458319025465.678077257481992&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:dut_cnuyBxghrEen9S6TYsjC.xps:xpsw1FsVwJeRwRzZWNvbQcGDN.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=414458319025465.678077257481992&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:dut_cnuyBxghrEen9S6TYsjC.xps:xpsw1FsVwJeRwRzZWNvbQcGDN.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
• https://matcher.upravel.com/m?id=DBF5TKgqqF355555Yrg4&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D%26rds%3D1086 HTTP 302
• https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=dbb57d19-2e94-4813-8062-0fa3bcb03d80&rds=1086

Request Chain 169

• https://dmg.digitaltarget.ru/1/1086/i/i?i=414458319025465.632075444931107&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:dut_cnuyBxghrEen9S6TYsjC.xps:xpsw1FsVwJeRwRzZWNvbQcGDN.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=414458319025465.632075444931107&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:dut_cnuyBxghrEen9S6TYsjC.xps:xpsw1FsVwJeRwRzZWNvbQcGDN.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_noorient HTTP 307
• https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086 HTTP 302
• https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086&cc=1 HTTP 302
• https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMTIaNtGSKRfuXXN+b55UFHA==&c=pc:&i=811af7db&rds=1086

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sci-hub.hkvisa.net/	27 KB 7 KB	629ms 224ms	Document text/html	185.178.208.158 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://sci-hub.hkvisa.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.178.208.158 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 82ac8f104261c3157de398ab098d3408aae49c5585388a206f3537f57a10ba20 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server ddos-guard content-security-policy upgrade-insecure-requests; date Fri, 28 Jan 2022 02:54:53 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding expires Fri, 28 Jan 2022 14:54:53 GMT cache-control max-age=43200 no-cache x-cache MISS MISS content-encoding gzip
GET H2	200	jquery-3.1.1.min.js Show response img.sci-hub.shop/scihub/	85 KB 31 KB	181ms 32ms	Script application/javascript	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 411953 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 30 Nov 2018 04:24:28 GMT server cloudflare etag W/"5c00bb7c-152b5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fhgoe0eZla7PM%2BLG9BkJJsAgy4pErpoTghWDO135oZbin6XLJz9eT23OAglagKVcSNW7rWfO%2B7CYEBhvICSD68nsTw2V8ajqEQhlJjr8tGRhjdJADtus0K%2Bxr6tPf29H4owhYXMlmYBAEuI6bSlV"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 6d46f0506a208877-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-ui.min.js Show response img.sci-hub.shop/scihub/	248 KB 68 KB	182ms 33ms	Script application/javascript	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://img.sci-hub.shop/scihub/jquery-ui.min.js Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 327774 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 14 Dec 2018 08:14:20 GMT server cloudflare etag W/"5c13665c-3dee4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09Hia0ej4vNoZe8oT72pzqX8mK0TlyxyH3%2FKneFnX%2BbRHOjT7qRIaIhYpy5K%2BZAixZ%2Bio9IGGDznc2jRllaxGWYz%2BOgn4P1wehlVK0sxBKrUKJVcDeD%2Ba5vWLGpDliuHrWMhmLVPvaQ6NuJ7LKAq"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 6d46f0506a228877-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	openapi.js Show response img.sci-hub.shop/scihub/	94 KB 24 KB	178ms 30ms	Script application/javascript	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://img.sci-hub.shop/scihub/openapi.js Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 327774 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 30 Nov 2018 04:24:44 GMT server cloudflare etag W/"5c00bb8c-1798d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a%2F7%2FIlyenWsx6QE42pMEc5Be7VHKRcyqU%2F6xiJUuBV%2B2eqcMCQ7V0WI8Qp3G9I2zuRX0kCivoRlxbC%2Bfc%2FFBljTr4UQDVZPW3TSxheCl%2FksdQBslL%2BxihGqsnxXSZw8axh8nwAshtJyYSL10EH1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 6d46f0506a238877-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	medal.png img.sci-hub.shop/scihub/	22 KB 22 KB	23ms 22ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/medal.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 333243 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22275 last-modified Fri, 30 Nov 2018 06:13:38 GMT server cloudflare etag "5c00d512-5703" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbPtubdza1Fskb86TXa4YOqaPZTvsm0vZ1eKS4hiy8bIE2AAA6mlXHQ4QOOLRnd05raWqLWZPV7sSeYovJLXwbWJmLtMNYKO8oCwyKnVMjQB%2BtTUO4HsNOD7MuGDhEykZqG9POM%2B2T3O2%2BEmwFNu"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050aa668877-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	key_1.png img.sci-hub.shop/scihub/	8 KB 9 KB	22ms 21ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/key_1.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 415089 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8428 last-modified Fri, 30 Nov 2018 06:13:40 GMT server cloudflare etag "5c00d514-20ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BHorVu3%2BrYCcLT8LT%2F%2F6EOjjzjyL0db0FwYmSsC%2ByYtC2yDTkw6gAO8I2DY3rLp1rCJIjJsv8GK1JwzZSHWP3tE4YWj%2BMtExR2dGDQgBUNAacJefFPar0kuiui8LnvEUYsR%2BGzzTTrAgM5G1ica"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050ca8f8877-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	148 KB 52 KB	140ms 56ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash aed36730375206aae6883cdf446ae910ae4e3d23653de7a19111c2bcb405aa5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52571 x-xss-protection 0 server cafe etag 1081543537594969973 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 28 Jan 2022 02:54:53 GMT
GET H3	200	top-back.jpg img.sci-hub.shop/scihub/	184 KB 185 KB	22ms 22ms	Image image/jpeg	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/top-back.jpg Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328091 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 188646 last-modified Mon, 16 Sep 2019 12:17:02 GMT server cloudflare etag "5d7f7d3e-2e0e6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgA6snh9zOTfhdbvrJ%2F2huUAB580jnH8sicXPRedzkVbHSVYxWPysACJEChAMYW5e%2Fng2LmniTabdZzwaora4%2BW%2B10d9ORRDssXzqU9MfEevjtchFLB%2BFblOlfRPmOTgblwxOY%2Fp46oWiwmVvF8y"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efac7519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	logo_en.png img.sci-hub.shop/scihub/	14 KB 15 KB	88ms 87ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/logo_en.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328037 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14556 last-modified Fri, 30 Nov 2018 05:56:38 GMT server cloudflare etag "5c00d116-38dc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAS5RtzQTNA%2BIkSha3oNqVtGLmWNpiU4PECUxJuJtF0Dwe4cM0E5EawLJBMW5lSppUYX6XgLBMjDv4a%2BYXuYd4pzpuWZlherKuT0x8vCDLgyEEQpnKVKPNB%2FX%2FRuxgfUbg2Gpv1sa2qRroPn73tE"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efb17519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	raven_1.png img.sci-hub.shop/scihub/	59 KB 59 KB	34ms 32ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/raven_1.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328091 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 60144 last-modified Fri, 30 Nov 2018 05:56:32 GMT server cloudflare etag "5c00d110-eaf0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eHudlY7BbAhixv1fXO1%2BSd8a6ujrnVlzChcn%2BMSSNekyQyiCecfukA%2FqcBNqVW5TZzVfIY9CO4FYRWNBAvEudxMiR3RncassTSULirVoyr8jLeKLxYXlYMr1sq63TizVBSdcAL%2FDHOtkkuA%2Be8W"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efb27519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	map.jpg img.sci-hub.shop/scihub/	54 KB 55 KB	89ms 87ms	Image image/jpeg	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/map.jpg Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328241 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 55605 last-modified Fri, 30 Nov 2018 05:56:52 GMT server cloudflare etag "5c00d124-d935" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT%2F9zqqE%2B8lR7zSyJ8PZ1kmO%2FCEkTA%2Bs%2BQaosRFf%2BrGKx8Hv7Tk1a4nOvXUbYPsKd3GuA9Rqekjs95imwO5e545e0uxqVHdGYGvIvIA9bM2wPhcquRkp%2BIJMugFxQS0RmEzfPfBtqarvlyWP1cu%2B"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efb47519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	about-marker_en.png img.sci-hub.shop/scihub/	3 KB 4 KB	102ms 99ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/about-marker_en.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328055 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3361 last-modified Fri, 30 Nov 2018 05:57:02 GMT server cloudflare etag "5c00d12e-d21" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2ou65KCj63QBUfYVAFL247rxK0SSPznj4Mh7nBHiUvvXmRcXFTZqZS2OnJiKBVEOKmWODXdDqdXyvkv4G5UJnxbpof7DlUG9fsW%2FRgA2ErXirNTmda9k5mx5o3Kl3ZHRLZQhEimfKE6SGsU7VY3"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efb77519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	quote.png img.sci-hub.shop/scihub/	1 KB 2 KB	102ms 99ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/quote.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328036 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1068 last-modified Fri, 30 Nov 2018 05:57:12 GMT server cloudflare etag "5c00d138-42c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8YGaM3oRIbb8u2%2Feg13clGovIpbHCJUBSidoRbdNuaWaP%2Fc9g0rsjfLv1G8sViYFPLakltW%2F8k5WiJrZ1kkuILZAqnCeqYJ665PCSylIRZ3txfyT8yLRMl9ceeYOMaPFNE%2F0uKEm6AslBwxW%2B64"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efbb7519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	quotenext_en.png img.sci-hub.shop/scihub/	1 KB 2 KB	104ms 102ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/quotenext_en.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328036 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1087 last-modified Fri, 30 Nov 2018 05:57:18 GMT server cloudflare etag "5c00d13e-43f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d3KbjibYOtbz5y7wbjw4XRMsm%2BC7F5HBRA0ah5hMmsBubdzA3qT54Ib4xFEGZs4f%2FCR%2Bfrs%2BXBENn9r11wmndF%2FXsiiODSzX0bRJ29WPdWCJ1mvG3GxKjzdh8o4nxdrLHUg18lr807DLmetkrhJ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efbd7519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	pone.png img.sci-hub.shop/scihub/	2 KB 2 KB	105ms 102ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/pone.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328199 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1637 last-modified Fri, 30 Nov 2018 05:57:24 GMT server cloudflare etag "5c00d144-665" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aM63F5t5H8jrDb0cwt4ljmk%2FUtF76dB2rxiNbxSnr3m1vmIFZvLqmxG2%2Bvk63%2FKVnY2ddYcIxrsHWNReiskMa%2BMfryqI1hKgVAD%2F3xs0rvK%2FbfKeAWSwBNK%2B9IAEYwE3WKr191z5WH6O0C%2FTckjA"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efbf7519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	ptwo.png img.sci-hub.shop/scihub/	4 KB 4 KB	105ms 103ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/ptwo.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328241 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3907 last-modified Fri, 30 Nov 2018 05:57:30 GMT server cloudflare etag "5c00d14a-f43" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=An75a5i4IAIN23KqI6ZoNTd9plFB2AsxjZ2mU0RWFk%2F7R20%2Bsrkx84subkZm5EmmE4GzPb%2FjA74%2BNoB6XCrSKJ4hzx2Er60U8NE0QVtuoe5QLkvTEGtQOLgpk2bQgju7fbxWx7y9WeaFn0J9r%2FgF"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efc07519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	pthree.png img.sci-hub.shop/scihub/	4 KB 5 KB	105ms 103ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/pthree.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328036 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4278 last-modified Fri, 30 Nov 2018 05:57:36 GMT server cloudflare etag "5c00d150-10b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xJtk797SPvKvXfTdpZgMzpfkEmy4Y%2FUKo8K4ueXD2o4xwG8zm46SvruoSPFAlO2LHXfD7Xs6pOla64E5cjR8ruJMYAFmNJR3xTDiofuVg1oRaJ1hVmp6Qjqt9O1dMDlh%2BTvEGIWmWwiwuMFNbsh"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efc17519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	people.jpg img.sci-hub.shop/scihub/	50 KB 51 KB	106ms 103ms	Image image/jpeg	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/people.jpg Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328241 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 51212 last-modified Fri, 30 Nov 2018 05:57:56 GMT server cloudflare etag "5c00d164-c80c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQkKSUa97zL31%2FN4ixgtINy27LULuHOShoNnUONg299KXblQa8kTup%2BBOqxJEkYDveM1%2BRNnjP8E3F0zBbhUqVYKPmtFbvVVxR4kAgHl5Ddxx74yaOfmXV8er5gTwHhu7gfLvjVgSi%2BFqxRUEMca"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efc37519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	join_en.png img.sci-hub.shop/scihub/	6 KB 7 KB	107ms 105ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/join_en.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328241 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6197 last-modified Fri, 30 Nov 2018 05:58:24 GMT server cloudflare etag "5c00d180-1835" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5AKfm9C0%2FUQKGBxm6CNBO754OPXClpOZDir7c%2FGwxCURSCY2%2BaaaFWfu0mlZTYbyNhDH%2FEPYyVcfP%2BN3mMURHPZyQjxaYcb6Q4LbASHLvkwknubSuouc2gvXTaZVCHjGycCI%2Bgfa5%2FfctlKau1A"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efc47519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	joinvk.png img.sci-hub.shop/scihub/	17 KB 18 KB	108ms 106ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/joinvk.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328241 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17834 last-modified Fri, 30 Nov 2018 05:58:30 GMT server cloudflare etag "5c00d186-45aa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVZb%2Bqh2Oso3Y%2FNZPATiB1hEUEdU0eNs1XoHWpCliWig27hgiJqXXHUHv8WGejhV7MHO33cNtXWAJpupyi4pm2dmj41z6ME5Pez%2BC2pCiQEu0l7zbS5RrYuqxgY4hnD1UkSb0tnb67dTMfuwMNPQ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efc57519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	jointwitter.png img.sci-hub.shop/scihub/	6 KB 6 KB	110ms 108ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/jointwitter.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328241 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5751 last-modified Fri, 30 Nov 2018 05:58:42 GMT server cloudflare etag "5c00d192-1677" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLwsvWVTRZmFKE6E862yelVHcEiDo2KQcMX%2B9mGjIZbTskr%2FqeLvtxzg5bK6NKyJqXClwGWL86n%2F0A%2FM0EDXJSEU5jQH%2B33tMXeELX4G7XFl%2Fa5y2tR%2FimjFF6q02Yers3XO8QtAUQ47Pok06eJ7"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efc67519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	joinfacebook.png img.sci-hub.shop/scihub/	4 KB 5 KB	110ms 108ms	Image image/png	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.sci-hub.shop/scihub/joinfacebook.png Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328035 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4152 last-modified Fri, 30 Nov 2018 05:58:36 GMT server cloudflare etag "5c00d18c-1038" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwNVBF874aRG9YZUDhzoAnCa11Xt3yZ%2FKzQvjl0G%2B11ARXFkYut%2FQOifhXN1IGu1P5ZDYpHp4K374eB3QzJ5zKLCt7JRUgg1uYHca8XeInL5Oa%2F%2BL0HTbtASOhMB%2BDvoZqd9YCzkJQC%2Bb8Al%2Fy3J"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 6d46f050efc77519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET		AvenirLTW01-55Roman.woff2 img.sci-hub.shop/misc/fonts/	0 0
GET H3	200	pluso-like.js Show response img.sci-hub.shop/scihub/	41 KB 13 KB	75ms 75ms	Script application/javascript	2a06:98c1:3120:: CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://img.sci-hub.shop/scihub/pluso-like.js Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120:: , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 328035 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 30 Nov 2018 04:39:20 GMT server cloudflare etag W/"5c00bef8-a5cc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSwrQqmgoVOVuo%2B2N00SuT8Pd%2Bk6n7nsX8Z2gDqlgDwtJyL3HURnVfYDfbaEi5kJtl5JB1yKFUjmAR49F7sQgum9Egrvd68vHcrI7S3uqAw2ZFlK4OFjWetFr%2BKvMIXKgibE6XYAKGYi6QbFPP2r"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 6d46f0512ffe7519-LHR expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/	284 KB 102 KB	111ms 64ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 631485082735bf548eeeaef58fb409fefed685432666d06baaf1da7a60a0ae1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:53 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104642 x-xss-protection 0 server cafe etag 16263154745089440287 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 28 Jan 2022 02:54:53 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 45C3	10 KB 5 KB	126ms 38ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4612 x-xss-protection 0 date Thu, 27 Jan 2022 15:52:32 GMT expires Thu, 10 Feb 2022 15:52:32 GMT cache-control public, max-age=1209600 age 39741 etag 18247940800414524076 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	214 B 644 B	128ms 45ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 0d0ad17be1995ddd9cfb3e65a717b5ddf390ff35912be607b75057addf7b4e07 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 200 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	129ms 45ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=sci-hub.hkvisa.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	129ms 46ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame B0A2	86 KB 31 KB	466ms 423ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 26d339369e1c5140e112272b1447aba05dff8b98f551db0f484f736c9b7b3a39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 31654 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 35D5	436 B 234 B	142ms 106ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493787&bpp=2&bdt=456&idt=227&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7l0K9Zm7vo&p=https%3A//sci-hub.hkvisa.net&dtd=230 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7d32386de229007b34e3091a04453624dd090f88567ea356dddeccecef9da1d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 211 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	72ms 72ms	Image image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175 Requested by Host: sci-hub.hkvisa.net URL: https://sci-hub.hkvisa.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 74AB	247 KB 56 KB	470ms 443ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1643338494&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493799&bpp=1&bdt=468&idt=221&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=227 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a41d89cd30bf5fbb80534cd3aafc58837e237939ae7b6af13ea496a312dfda37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 57511 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private
GET H2	200	4f0fd669188cad1c7ccc61140507409e.js Show response www.gstatic.com/mysidia/ Frame B0A2	8 KB 4 KB	120ms 37ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/4f0fd669188cad1c7ccc61140507409e.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9d6d254d04b4d7ed36b0cc3c11fbc46d4cf376428a1a110bb7e0617a3034ff64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:24:03 GMT content-encoding gzip x-content-type-options nosniff age 45051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3356 x-xss-protection 0 last-modified Fri, 21 Jan 2022 01:20:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 14:24:03 GMT
GET H2	200	6c2d6b1206f3d1fe21ef2c83ec0fd504.js Show response www.gstatic.com/mysidia/ Frame B0A2	8 KB 4 KB	121ms 37ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/6c2d6b1206f3d1fe21ef2c83ec0fd504.js?tag=text/vanilla_highlight Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f464b353ea31f3c703986ea74b4578e04b7d5c0ab28f46db9895890afeec2309 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 20:41:04 GMT content-encoding gzip x-content-type-options nosniff age 22430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3844 x-xss-protection 0 last-modified Tue, 25 Jan 2022 02:23:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 20:41:04 GMT
GET H2	200	css fonts.googleapis.com/ Frame B0A2	8 KB 1 KB	129ms 48ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:18:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:54:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B0A2	1 KB 875 B	84ms 36ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:00:43 GMT content-encoding gzip x-content-type-options nosniff age 3251 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 848 x-xss-protection 0 server cafe etag 2277666839114365613 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:00:43 GMT
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame B0A2	18 KB 8 KB	122ms 40ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:45:06 GMT content-encoding gzip x-content-type-options nosniff age 588 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7644 x-xss-protection 0 server cafe etag 6659623896352890502 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:45:06 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B0A2	2 KB 1 KB	84ms 37ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:01:27 GMT content-encoding gzip x-content-type-options nosniff age 3207 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:01:27 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B0A2	14 KB 6 KB	126ms 44ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:41:39 GMT content-encoding gzip x-content-type-options nosniff age 795 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6123 x-xss-protection 0 server cafe etag 15358646999216992880 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:41:39 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B0A2	123 KB 38 KB	52ms 19ms	Script text/javascript	2a00:1450:400e:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38288 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643200382015849" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	fccbdb50d0e11463e1edb3d8fcf7c364.js Show response www.gstatic.com/mysidia/ Frame B0A2	27 KB 11 KB	82ms 36ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 16:51:03 GMT content-encoding gzip x-content-type-options nosniff age 36231 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11411 x-xss-protection 0 last-modified Tue, 25 Jan 2022 02:23:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 16:51:03 GMT
GET H3	200	reactive_library_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/	150 KB 54 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/reactive_library_fy2019.js?bust=31064578 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 01ad586a23cf27d49a6766dd07f7d185b312ba0db1a9296b44060568f199633a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 54793 x-xss-protection 0 server cafe etag 7140802506417296135 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	98ms 49ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=sci-hub.hkvisa.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	89ms 45ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D64A	25 KB 11 KB	135ms 135ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b504cbadc65909d42f8de1a2e63674cc1493c8bcd16da04ffa5061e32e76f07 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 11411 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 784E	436 B 236 B	136ms 136ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=v08eKGFIoM&p=https%3A//sci-hub.hkvisa.net&dtd=13 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0a24ecfe4c703e0ee11146fb85bec4af6e150d6e09da28b84c6fc7e9b45b008a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 212 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 50F1	436 B 237 B	127ms 127ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1227&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=KDNo1yLnal&p=https%3A//sci-hub.hkvisa.net&dtd=16 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3a7cb7cfb198839418439dfc9e9186532c149724bc1ae3a48f09058ea8d71a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 213 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame E149	436 B 237 B	133ms 132ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1440028034&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=0&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=XBhaiCvvB2&p=https%3A//sci-hub.hkvisa.net&dtd=18 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a230157018322f703c8294a812aa6e20be9e68bf913e95c8271685d0972db41d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 213 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 6BDD	10 KB 5 KB	37ms 36ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4612 x-xss-protection 0 date Thu, 27 Jan 2022 16:10:35 GMT expires Thu, 10 Feb 2022 16:10:35 GMT cache-control public, max-age=1209600 age 38659 etag 18247940800414524076 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame A5E7	10 KB 5 KB	36ms 36ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4612 x-xss-protection 0 date Thu, 27 Jan 2022 16:10:35 GMT expires Thu, 10 Feb 2022 16:10:35 GMT cache-control public, max-age=1209600 age 38659 etag 18247940800414524076 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame B0A2	0 0	82ms 80ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CgQRo_lrzYaeyBcfD7_UPqe-NwAXgmOSLY7zc6tjSDZuxxJ3UJRABIPOq4XtgleKQgqAHoAHQpPT3A8gBAakC1xMAHPKwsj6oAwHIA8sEqgTVAU_Q3McHSUvoL3-y3hRQY0CJ8OPK-W-vxnvu-0HuuUstOEP19LAEmxsZZ2-aamBl6ze-TUYKacl_gLqLfRx_z15G6MN-5_oMe30gIUbgvTUrGoTi0uWqBU2O7jOV-MY5cCEZTnsn634AK72dyOOtWqn6IIlHZCYNPkvDyYWso4IQudxbXdKXoQ2Qm63WauwdKjtwNjjS-stQKZCdIJG7yWSxyKRtcHctbBiWV-d4X-oDCu2tDJBg01PU4hxzdfrcYn-siytW1_SAizqCjnU4vUaPHf6wBsAEuNbj6NMDkgUECAQYAZIFBAgFGASAB8ivyL4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQt5oV0ggJCIDhgBAQARgfgAoByAsB2BMCiBQB0BUBgBcBshccChoIABIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=ZgpVnxx1rIQ&uach_m=[UACH] Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Fri, 28 Jan 2022 02:54:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 3692	143 B 163 B	36ms 36ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Response headers x-content-type-options nosniff content-encoding gzip server cafe content-length 145 x-xss-protection 0 date Fri, 28 Jan 2022 02:03:02 GMT cache-control public, max-age=3600 content-type text/html; charset=UTF-8 age 3112 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame B0A2	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8bf435a951dc5ca1feffb7da684459df28be4c32344d9b2974b6536adfe8a940 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css2 fonts.googleapis.com/ Frame 6BDD	4 KB 634 B	104ms 56ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:18:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:54:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6BDD	205 B 229 B	36ms 36ms	Image image/png	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 23:40:16 GMT x-content-type-options nosniff age 11678 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 27 Jan 2023 23:40:16 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6BDD	604 B 628 B	37ms 36ms	Image image/png	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 13:14:01 GMT x-content-type-options nosniff age 49253 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 27 Jan 2023 13:14:01 GMT
GET H3	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 6BDD	18 KB 8 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:25:38 GMT content-encoding gzip x-content-type-options nosniff age 1756 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7952 x-xss-protection 0 server cafe etag 4804491876264876803 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:25:38 GMT
GET H3	200	4f0fd669188cad1c7ccc61140507409e.js Show response www.gstatic.com/mysidia/ Frame A5E7	8 KB 3 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/4f0fd669188cad1c7ccc61140507409e.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9d6d254d04b4d7ed36b0cc3c11fbc46d4cf376428a1a110bb7e0617a3034ff64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 14:24:03 GMT content-encoding gzip x-content-type-options nosniff age 45051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3356 x-xss-protection 0 last-modified Fri, 21 Jan 2022 01:20:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 14:24:03 GMT
GET H3	200	6c2d6b1206f3d1fe21ef2c83ec0fd504.js Show response www.gstatic.com/mysidia/ Frame A5E7	8 KB 4 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/6c2d6b1206f3d1fe21ef2c83ec0fd504.js?tag=text/vanilla_highlight Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f464b353ea31f3c703986ea74b4578e04b7d5c0ab28f46db9895890afeec2309 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 20:41:04 GMT content-encoding gzip x-content-type-options nosniff age 22430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3844 x-xss-protection 0 last-modified Tue, 25 Jan 2022 02:23:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 20:41:04 GMT
GET H3	200	css fonts.googleapis.com/ Frame A5E7	8 KB 888 B	91ms 48ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:12:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:54:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A5E7	1 KB 875 B	38ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:00:43 GMT content-encoding gzip x-content-type-options nosniff age 3251 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 848 x-xss-protection 0 server cafe etag 2277666839114365613 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:00:43 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame A5E7	18 KB 7 KB	39ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:45:06 GMT content-encoding gzip x-content-type-options nosniff age 588 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7644 x-xss-protection 0 server cafe etag 6659623896352890502 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:45:06 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A5E7	2 KB 1 KB	47ms 47ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:01:27 GMT content-encoding gzip x-content-type-options nosniff age 3207 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:01:27 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A5E7	14 KB 6 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:35:01 GMT content-encoding gzip x-content-type-options nosniff age 1193 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6123 x-xss-protection 0 server cafe etag 15358646999216992880 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:35:01 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame A5E7	123 KB 37 KB	43ms 21ms	Script text/javascript	2a00:1450:400e:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38288 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643200382015849" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	fccbdb50d0e11463e1edb3d8fcf7c364.js Show response www.gstatic.com/mysidia/ Frame A5E7	27 KB 11 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 16:51:03 GMT content-encoding gzip x-content-type-options nosniff age 36231 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11411 x-xss-protection 0 last-modified Tue, 25 Jan 2022 02:23:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 16:51:03 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D64A	2 KB 1 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:01:27 GMT content-encoding gzip x-content-type-options nosniff age 3207 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:01:27 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D64A	123 KB 37 KB	39ms 32ms	Script text/javascript	2a00:1450:400e:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38288 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643200382015849" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame D64A	14 KB 6 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:35:01 GMT content-encoding gzip x-content-type-options nosniff age 1193 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6123 x-xss-protection 0 server cafe etag 15358646999216992880 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:35:01 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame D64A	0 0	132ms 46ms	Image text/html	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNzs8tM3YyAeeXBDSR6NOp7rtGsin6vmMeuz1FJifGX4kI0gJdXtI0QGfFv2TImNW0_iOB7fVhWgf04Wu2ASeI2iVmyg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame D64A	0 0	81ms 80ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cqt-P_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoEzQFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVdzW2fJXVnKZ6dkJzZAbol2fFwc_Ln0Qz0cLL4YT55M-0EndoJc4FgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDc4ODA4MzIxOTIyNDI3OBgA&sigh=ESE0-bBuiNs&uach_m=[UACH]&cid=CAQSPACNIrLMS5qoSQ0gzrL-uozP0gcYZvYZl1AhylQeNuWT1Rzm_fzcWsuquipacMpH-fJWU-wIqhe8W_M78hgB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Fri, 28 Jan 2022 02:54:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	notify rtb.fr.eu.criteo.com/google/auction/ Frame D64A	0 0	58ms 16ms	Fetch	2a02:2638::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UpClCcz6RLAJmAKdg2ICAgAAAPV_BunOty_0-Sn-BxD-WvNheR0EipdBzNXGGyIAEg&wp=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT server Kestrel server-processing-duration-in-ticks 223342 content-length 0 strict-transport-security max-age=31536000; preload;
GET H2	200	afr.php Show response ads.eu.criteo.com/delivery/r/ Frame 59B2	139 KB 46 KB	161ms 123ms	Document text/html	2a02:2638::18 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash a8d338350844dcea44a2c640b50ade5c151d6520a56b30397175e2e389d4d996 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-type text/html server Kestrel cache-control private, max-age=0, no-cache pragma no-cache expires Mon, 26 Jul 1997 05:00:00 GMT access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cross-origin-resource-policy cross-origin p3p CP='CUR ADM OUR NOR STA NID' report-to {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mDg1hSMxCioOCtz3-6cfJxAJawXU2Y3z1yxA7q3CPaMZVZau9npHCei83JWq7Tg4R1QMPJcDeR0iiB9WrHp_09WdEXQ5XhuA5sT6YQqApcN33y_zM_e-vZdxNdN15uG36YnjhR8o7oi7B_LL1bM_zpjxkJPkGicEtxINBX_I09PfytuU6yRfMUumpyfFV2N9ximkRJm4DZF9IL2RcYpkleqitWV-jGbW3spW2xdU0EX770ssvGd2R8GvPa94DgKxo0_5yg"}], "max_age": 86400} link <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin server-processing-duration-in-ticks 106182049 strict-transport-security max-age=31536000; preload; content-encoding gzip vary Accept-Encoding
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 2A0B	1 KB 749 B	40ms 39ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 date Thu, 27 Jan 2022 05:53:44 GMT expires Fri, 28 Jan 2022 05:53:44 GMT cache-control public, max-age=86400 age 75670 etag 48472445140208031 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v41/ Frame B0A2	28 KB 28 KB	118ms 37ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 25 Jan 2022 18:14:29 GMT x-content-type-options nosniff age 204025 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28196 x-xss-protection 0 last-modified Tue, 18 Jan 2022 17:53:50 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 25 Jan 2023 18:14:29 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	48ms 47ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=sci-hub.hkvisa.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	47ms 47ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 55EF	95 KB 33 KB	241ms 240ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 867d11d792b56f02b57ae9a2a9bda51f9290a76456485888bf73e9c171ea14e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 28 Jan 2022 02:54:55 GMT server cafe content-length 33554 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 3692 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	64ms 64ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 43B5	143 B 163 B	37ms 36ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Response headers x-content-type-options nosniff content-encoding gzip server cafe content-length 145 x-xss-protection 0 date Fri, 28 Jan 2022 02:03:02 GMT cache-control public, max-age=3600 content-type text/html; charset=UTF-8 age 3112 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame D64A	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash edb6f73dd357f31b26856cb34ba3a46c177dd07cfa67e9397b0de90d23535f50 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css fonts.googleapis.com/ Frame 7AD1	8 KB 888 B	48ms 48ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:15:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:54:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 7AD1	1 KB 875 B	36ms 36ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:00:43 GMT content-encoding gzip x-content-type-options nosniff age 3251 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 848 x-xss-protection 0 server cafe etag 2277666839114365613 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:00:43 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 7AD1	18 KB 7 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:45:06 GMT content-encoding gzip x-content-type-options nosniff age 588 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7644 x-xss-protection 0 server cafe etag 6659623896352890502 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:45:06 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 7AD1	2 KB 1 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:01:27 GMT content-encoding gzip x-content-type-options nosniff age 3207 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:01:27 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 7AD1	14 KB 6 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:35:01 GMT content-encoding gzip x-content-type-options nosniff age 1193 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6123 x-xss-protection 0 server cafe etag 15358646999216992880 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:35:01 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7AD1	123 KB 37 KB	23ms 23ms	Script text/javascript	2a00:1450:400e:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38288 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643200382015849" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 28 Jan 2022 02:54:54 GMT
GET H3	200	fccbdb50d0e11463e1edb3d8fcf7c364.js Show response www.gstatic.com/mysidia/ Frame 7AD1	27 KB 11 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 16:51:03 GMT content-encoding gzip x-content-type-options nosniff age 36231 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11411 x-xss-protection 0 last-modified Tue, 25 Jan 2022 02:23:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 16:51:03 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 2A0B	35 B 463 B	47ms 9ms	Image image/gif	2620:116:800d:21:5a23:9c4e:e774:96c1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFWl4fP6tK0ZCZnst_97jGI&google_cver=1&google_push=AYg5qPJuK4Bbd_hE-kE70Gaplg1N6cCl2oasQIhL9vblQZTJ9-6hFgMTxsSdU3VkUoc0fPuEaJ0StNMqthB8gAU1Jsag4tvLW06B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:54 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2A0B Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEC1IzqFmhEEMyygDrwP1lBg&google_cver=1&google_push=AYg5qPIVe0WM0migZTIXH8z81oTOjcT1jn3V4w4l06NAfss3zPmYS8Mk880qk0cH7G_mnfs2rHIzFpLzcgcVjDf9fmNQK72N1yM https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIVe0WM0migZTIXH8z81oTOjcT1jn3V4w4l06NAfss3zPmYS8Mk880qk0cH7G_mnfs2rHIzFpLzcgcVjDf9fmNQK72N1yM&google_hm=Q0FFU0VDMUl6cUZtaEVFTX...	170 B 188 B	20ms 19ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIVe0WM0migZTIXH8z81oTOjcT1jn3V4w4l06NAfss3zPmYS8Mk880qk0cH7G_mnfs2rHIzFpLzcgcVjDf9fmNQK72N1yM&google_hm=Q0FFU0VDMUl6cUZtaEVFTXl5Z0Ryd1AxbEJn Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H3 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 28 Jan 2022 02:54:54 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIVe0WM0migZTIXH8z81oTOjcT1jn3V4w4l06NAfss3zPmYS8Mk880qk0cH7G_mnfs2rHIzFpLzcgcVjDf9fmNQK72N1yM&google_hm=Q0FFU0VDMUl6cUZtaEVFTXl5Z0Ryd1AxbEJn Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 2A0B	43 B 324 B	57ms 19ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDvn2jSw96UtJBJ8iE0AlWA&google_push=AYg5qPI9NCFNUWO71LavWKp5iOjS-OZXdj7AxbkU9RHSUoAulFR3EFfvdK5VcpZMF4dMys68oUPqiG9eF04JoYI-2PNN8YL_n6P-&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:54 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	dds rtb.openx.net/sync/ Frame 2A0B	43 B 350 B	61ms 20ms	Image image/gif	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESENfkpX66O1whIA_IItuodcQ&google_cver=1&google_push=AYg5qPKRUPIYE9vrBVxoW48PX6Hr7nH9fLEoHEyqIEmpXF6l6vfUZ-XzJjTaBgXmSlmQ2aRGQD5zvMY31S6vgCvdklvSx-7JGDdC Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:53 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id 3va870r04a8asen7qenttu38jc548oqb
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2A0B Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	24ms 20ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4XgCL7bGL1wLcBArhDT6DuQKguXUYJEJx-aGJxH3Crl6Y8ISDjanaFxFnkit5mImPmQow3yAlZdhy3j31hewdMf8eW_F0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H3 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL4XgCL7bGL1wLcBArhDT6DuQKguXUYJEJx-aGJxH3Crl6Y8ISDjanaFxFnkit5mImPmQow3yAlZdhy3j31hewdMf8eW_F0 date Fri, 28 Jan 2022 02:54:54 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2A0B Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMgVFSIorRnurZLfZzT3fXQ&google_cver=1&google_push=AYg5qPLwqHv_Pj5q7DOcSmfotjFOai8CjXjreGr0aXy3zF7rz6lLkfx0t99Yx6N3usjFf64U7yg... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI1WDgtMUotQTQzTg==&google_push=AYg5qPLwqHv_Pj5q7DOcSmfotjFOai8CjXjreGr0aXy3zF7rz6lLkfx0t99Yx6N3usjFf64U7ygS_bRUmWVtvTiP0SN-mFRd0OE	170 B 329 B	20ms 20ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI1WDgtMUotQTQzTg==&google_push=AYg5qPLwqHv_Pj5q7DOcSmfotjFOai8CjXjreGr0aXy3zF7rz6lLkfx0t99Yx6N3usjFf64U7ygS_bRUmWVtvTiP0SN-mFRd0OE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI1WDgtMUotQTQzTg==&google_push=AYg5qPLwqHv_Pj5q7DOcSmfotjFOai8CjXjreGr0aXy3zF7rz6lLkfx0t99Yx6N3usjFf64U7ygS_bRUmWVtvTiP0SN-mFRd0OE Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 78e3bdce5107450057bade54d54a0a7e Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 2A0B Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamar...	0 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 2A0B	0 232 B	55ms 18ms	Image text/html	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhKGsN6L6K5tdqESoEItq3i8qJa2pwN0rpQYzWx6yDe_PIqQJd44oT0T1uRxyzfK3PudCy Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494559&bpp=1&bdt=1228&idt=-M&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=S40OgF4MTL&p=https%3A//sci-hub.hkvisa.net&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 43B5 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	53ms 53ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:54 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 28 Jan 2022 02:54:54 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response pagead2.googlesyndication.com/bg/ Frame 7F2F	35 KB 13 KB	41ms 39ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 20:35:23 GMT content-encoding br x-content-type-options nosniff age 22771 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13575 x-xss-protection 0 last-modified Mon, 24 Jan 2022 14:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 27 Jan 2023 20:35:23 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame F64B	143 B 163 B	36ms 36ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Response headers x-content-type-options nosniff content-encoding gzip server cafe content-length 145 x-xss-protection 0 date Fri, 28 Jan 2022 02:03:02 GMT cache-control public, max-age=3600 content-type text/html; charset=UTF-8 age 3112 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 59B2	2 KB 1 KB	44ms 13ms	Image image/svg+xml	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 23 Jan 2023 02:54:54 GMT
GET H2	200	adchoices_de.svg static.criteo.net/flash/icon/ Frame 59B2	2 KB 1 KB	44ms 14ms	Image image/svg+xml	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_de.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:54 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-763" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 23 Jan 2023 02:54:54 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 59B2	308 B 636 B	14ms 13ms	Image image/svg+xml	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Mon, 23 Jan 2023 02:54:55 GMT
GET H2	200	back_button.svg static.criteo.net/flash/icon/ Frame 59B2	507 B 835 B	14ms 14ms	Image image/svg+xml	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT last-modified Thu, 01 Apr 2021 14:03:13 GMT server nginx cross-origin-embedder-policy require-corp etag "6065d2a1-1fb" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 507 expires Mon, 23 Jan 2023 02:54:55 GMT
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame 59B2	43 B 1 KB	84ms 15ms	Image image/gif	85.14.248.91 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=15&extPu=72360-criteo&extLi=152208&rnd=61f35afe7b43979f6363806a28606018&criteoid=&consent_string=&iab=1&url= Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.14.248.91 Wuppertal, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 28 Jan 2022 02:54:55 GMT Server Microsoft-IIS/8.5 Date Fri, 28 Jan 2022 02:54:54 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://ads.eu.criteo.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1696 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	lg.php cat.fr.eu.criteo.com/m/delivery/ Frame 59B2	43 B 347 B	52ms 19ms	Image image/gif	178.250.0.160 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=DrY3eUwLLdR4ZwHSVeEF73VN6vjF7gA6-BaxQfpHu_xAtVCuuGj0APteWn9dCwwW2Z_rmVH0W3xbmrB2AXHS48DjdMsHA4toAl3VF52r60hszAHxq1IYuCfuqccZGMTO0RkRuwj_KfHjwrTMLLO03C4K7Y4ClAxwMkBkD2QnaHPM80xqu-bv3n0nMhjVVn2wReS-Aa-pXggVF5gxbh_olyIFOXselGhFeYYJvGuiB6g_VvLFe7hqDFy2PFuvuaFQzFgUrzVoTEXQqXq9lwllu_-eeV-bNtKtL8bOnvd6qYbg8bbHwxhpnrnOFOVGnglwElhcVaoo2LAkjcbg0vBdaz99n8rIXh92vyYmBy0sW8Dx3GNhYEOGiQQR8suGbiSSBhRNJYMeOGNzRsiHeEBfHM2Nh3Z_F1HXdbwp7Go721f-zHHNlw1QqHtf9p4CK1CZHMOokg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:54 GMT server Kestrel strict-transport-security max-age=31536000; preload; p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 3420494 content-type image/gif expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	webfontloader.js Show response cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 59B2	12 KB 5 KB	43ms 18ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 91203 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4420 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04030-30d9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJXh1r59RhB3j9qYbEt3%2FLIyX0XSh9W1UpibIgGMCKDe5GLs6KwdtFzNXuWQSIxH1qrFueQ2BTA%2BEkyJtADOGSjGQUAf261PBtaDSWm2II5GTzIDL9C8t40Lc7jlz7AeLaui5SUt03MO9h5s0SsMPWlh"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6d46f05a2d57cc5a-ZRH expires Wed, 18 Jan 2023 02:54:55 GMT
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 59B2	12 KB 6 KB	15ms 14ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT content-encoding gzip last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 23 Jan 2023 02:54:55 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 59B2	5 KB 5 KB	59ms 27ms	Image image/png	178.250.2.135 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?h=556&m=0&partner=12719&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F12719%2F210702%2Fb42a3fb412864cd39d1cc90c626bd9bc_mue_logo_rgb.png&v=3&w=196&s=KSBfYPlg8o8YJmGSP_IB3Rbk Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.am5.vip.prod.criteo.com Software Finatra / Resource Hash 0e6b1ef8d7d064b6c94d14c18562f5a43286b40b0903549f608bd9ee61ec42e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 24 Jan 2022 09:30:11 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra age 321883 vary Origin x-cache hit content-type image/png cache-control public, max-age=29363435 cdn-loop Criteo cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; accept-ranges bytes timing-allow-origin * content-length 4966 expires Fri, 30 Dec 2022 06:00:46 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 59B2	7 KB 7 KB	79ms 47ms	Image image/webp	178.250.2.135 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC23_7044_FA.jpg&v=3&w=400&s=iPXhD-csfsyPjz5gQvj6UUMO&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.am5.vip.prod.criteo.com Software Finatra / Resource Hash f4b6899bab897f21c8204f06dab0754b061341ae8a94446d4d88c266a6a0cc86 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:48:45 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra age 369 vary Origin x-cache hit content-type image/webp cache-control public, max-age=300784 cdn-loop Criteo cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; accept-ranges bytes timing-allow-origin * content-length 7276 expires Thu, 27 Jan 2022 21:43:40 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 59B2	33 KB 33 KB	57ms 25ms	Image image/webp	178.250.2.135 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_4343_FA.jpg&v=3&w=400&s=cOhaZBCD_tJePqVCN6N_D3FU&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.am5.vip.prod.criteo.com Software Finatra / Resource Hash cde8dc0c57723b895ea1ca3cd8846a8d6e5c8a59817caabd2ce463b57e21aa9e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 24 Jan 2022 10:20:18 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra age 318876 vary Origin x-cache hit content-type image/webp cache-control public, max-age=31104000 cdn-loop Criteo cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; accept-ranges bytes timing-allow-origin * content-length 33582 expires Thu, 19 Jan 2023 10:20:19 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 59B2	17 KB 17 KB	74ms 42ms	Image image/webp	178.250.2.135 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_7739_FA.jpg&v=3&w=400&s=_EE74aBjsXSwEooDcUQeT9cU&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.am5.vip.prod.criteo.com Software Finatra / Resource Hash 4fb3e0883aca44b3ee7d12d14730e3a908871be9310da98451ff091ab13ad80c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:34:25 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra age 1228 vary Origin x-cache hit content-type image/webp cache-control public, max-age=598547 cdn-loop Criteo cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; accept-ranges bytes timing-allow-origin * content-length 17388 expires Fri, 04 Feb 2022 00:50:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 59B2	8 KB 8 KB	73ms 42ms	Image image/webp	178.250.2.135 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC24_7322_FA.jpg&v=3&w=400&s=hev8xRUamBP9HQzSgqu5X356&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.am5.vip.prod.criteo.com Software Finatra / Resource Hash 364c112e67fb854c72fb8d33ff90b7688286904a0032381f0c31de15c931af1f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:53:01 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra age 113 vary Origin x-cache hit content-type image/webp cache-control public, max-age=95931 cdn-loop Criteo cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; accept-ranges bytes timing-allow-origin * content-length 8044 expires Tue, 25 Jan 2022 12:41:57 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 59B2	20 KB 21 KB	64ms 32ms	Image image/webp	178.250.2.135 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC10_4524_FA.jpg&v=3&w=400&s=xYhX3mkAyVyGbJXvUu2EuUyq&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.am5.vip.prod.criteo.com Software Finatra / Resource Hash aae5093ace5c7948b630115acc97d0772d446b316f9e15ca39f85273c1d34b14 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 24 Jan 2022 10:13:11 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra age 319303 vary Origin x-cache hit content-type image/webp cache-control public, max-age=473823 cdn-loop Criteo cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; accept-ranges bytes timing-allow-origin * content-length 20794 expires Sat, 29 Jan 2022 21:50:15 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 59B2	24 KB 24 KB	41ms 40ms	Image image/webp	178.250.2.135 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC23_7572_FA.jpg&v=3&w=400&s=bwH5Q0kGRIf8e61IfSU2o_JJ&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.am5.vip.prod.criteo.com Software Finatra / Resource Hash 49913b5e892d41b2594c1da8075c373985fb0521f9ad3de04cf1985dac7e7252 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 24 Jan 2022 09:59:34 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra age 320120 vary Origin x-cache hit content-type image/webp cache-control public, max-age=521593 cdn-loop Criteo cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; accept-ranges bytes timing-allow-origin * content-length 24624 expires Sun, 30 Jan 2022 10:52:48 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 59B2	0 127 B	49ms 14ms	Ping text/plain	178.250.2.150 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=mDg1hSMxCioOCtz3-6cfJxAJawXU2Y3z1yxA7q3CPaMZVZau9npHCei83JWq7Tg4R1QMPJcDeR0iiB9WrHp_09WdEXQ5XhuA5sT6YQqApcN33y_zM_e-vZdxNdN15uG36YnjhR8o7oi7B_LL1bM_zpjxkJPkGicEtxINBX_I09PfytuU6yRfMUumpyfFV2N9ximkRJm4DZF9IL2RcYpkleqitWV-jGbW3spW2xdU0EX770ssvGd2R8GvPa94DgKxo0_5yg&sds=2&rev=80217&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 28 Jan 2022 02:54:54 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0 strict-transport-security max-age=31536000; preload;
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 59B2	2 KB 1 KB	14ms 14ms	Image image/svg+xml	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT content-encoding gzip last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 23 Jan 2023 02:54:55 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 59B2	2 KB 1 KB	15ms 15ms	Image image/svg+xml	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT content-encoding gzip last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 23 Jan 2023 02:54:55 GMT
GET H3	200	mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response pagead2.googlesyndication.com/bg/ Frame 75EC	35 KB 13 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1643338494&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338493783&bpp=4&bdt=452&idt=205&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=2916671589734&frm=20&pv=2&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bLSjecIFrn&p=https%3A//sci-hub.hkvisa.net&dtd=225 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 20:35:23 GMT content-encoding br x-content-type-options nosniff age 22772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13575 x-xss-protection 0 last-modified Mon, 24 Jan 2022 14:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 27 Jan 2023 20:35:23 GMT
GET H3	200	css fonts.googleapis.com/ Frame 55EF	8 KB 888 B	48ms 47ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:14:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:54:55 GMT
GET H3	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/3533945700236586562/ Frame 55EF	28 KB 28 KB	37ms 37ms	Image image/jpeg	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3533945700236586562/downsize_200k_v1?w=600&h=314 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8c2d70d190bd1327bd5875000fbc10a0c42ba71941fa63ce4cba861cebe1bf8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 05:41:09 GMT x-content-type-options nosniff age 76426 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29148 x-xss-protection 0 last-modified Fri, 30 Oct 2020 20:26:14 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 27 Jan 2023 05:41:09 GMT
GET DATA	200 OK	truncated / Frame 55EF	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 55EF	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cc40a4807b17691e04967410d3d8732c9a31a1d7c1d798dd1c91c5ea85795a52 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 55EF	1 KB 875 B	59ms 59ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:00:43 GMT content-encoding gzip x-content-type-options nosniff age 3252 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 848 x-xss-protection 0 server cafe etag 2277666839114365613 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:00:43 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 55EF	18 KB 7 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:45:06 GMT content-encoding gzip x-content-type-options nosniff age 589 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7644 x-xss-protection 0 server cafe etag 6659623896352890502 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:45:06 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 55EF	2 KB 1 KB	59ms 58ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:01:27 GMT content-encoding gzip x-content-type-options nosniff age 3208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:01:27 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 55EF	123 KB 37 KB	19ms 18ms	Script text/javascript	2a00:1450:400e:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38288 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643200382015849" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 28 Jan 2022 02:54:55 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 55EF	14 KB 6 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:35:01 GMT content-encoding gzip x-content-type-options nosniff age 1194 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6123 x-xss-protection 0 server cafe etag 15358646999216992880 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 11 Feb 2022 02:35:01 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 55EF	0 0	106ms 46ms	Image text/html	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxc3sbQ1s3PQd_LHV2Lq125Qajjg4C32sWeUZob99S3RO_d172PBUJq0PvsS63pEDy14vwdDej4JEAltyJX3R3vqmj6g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	fccbdb50d0e11463e1edb3d8fcf7c364.js Show response www.gstatic.com/mysidia/ Frame 55EF	27 KB 11 KB	37ms 36ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 16:51:03 GMT content-encoding gzip x-content-type-options nosniff age 36232 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11411 x-xss-protection 0 last-modified Tue, 25 Jan 2022 02:23:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 27 Apr 2022 16:51:03 GMT
GET H3	200	css fonts.googleapis.com/ Frame 59B2	5 KB 660 B	54ms 54ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 28 Jan 2022 02:17:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 28 Jan 2022 02:54:55 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 28 Jan 2022 02:54:55 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 55EF	0 0	78ms 78ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CE5O9_lrzYebuMaWZlQeY6oLIAqmM1IVo-t2fs7kN6Kq2lYsDEAEg86rhe2CV4pCCoAegAZKZq_wCyAEJqAMByAPLBKoE2gFP0P93188SYC2a0bnHrrnHiM_y4hOqwTS-RdJSvFnqD6FYQSTeKniWpHqcOqXp77otvRbDiWKOk9JizPfEJIcJNlTg5SnooM9WcvMTVrdSrC7sSkgN5ngf-kwRjp1_MTaArnQdWHlGPqgjpdlj2pvQDfjiMMyf4R0T54AQjYVXWU6fIzejDHABgpWy1rd7ZeQfpTacZPFwbkWoZI56cMGxnfNQEAot7Nt0scx24kW_zTMEV8x1zo91iT5cgtxBizjYQQYC369XbRrVdfKSPYlPeo1jz7W_hl_hHcAE0dD1mbQDkgUECAQYAZIFBAgFGASgBi6AB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwMQpFTSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=AcGYm3fPYaM&uach_m=[UACH]&template_id=5000 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Fri, 28 Jan 2022 02:54:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame F64B Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	60ms 60ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 28 Jan 2022 02:54:55 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 28 Jan 2022 02:54:55 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 28 Jan 2022 02:54:55 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v27/ Frame 59B2	44 KB 44 KB	81ms 37ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ads.eu.criteo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 21 Jan 2022 13:52:02 GMT x-content-type-options nosniff age 565373 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:30:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 21 Jan 2023 13:52:02 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FA79	1 KB 749 B	39ms 39ms	Document text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 date Thu, 27 Jan 2022 05:53:44 GMT expires Fri, 28 Jan 2022 05:53:44 GMT cache-control public, max-age=86400 age 75671 etag 48472445140208031 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 55EF	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0c89624c25566a484a5d858e471e260e621e8ecac0bf5606d67527deb930cbdc Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pixel cm.g.doubleclick.net/ Frame FA79 Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM_b-7y0hekTo1-gD38dWBY&google_cver=1&google_push=AYg5qPLAUZDJG9b9WXpDqIXl3p_E_Lt15lDqyIzebSABzK3r2Q7QyIGctQ... https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLAUZDJG9b9WXpDqIXl3p_E_Lt15lDqyIzebSABzK3r2Q7QyIGctQmXamL4Yqz2ZZu8oRv3ydXSTDZEX06u2y3TbOemqDeb&google_hm=DOeTxq...	170 B 188 B	21ms 21ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLAUZDJG9b9WXpDqIXl3p_E_Lt15lDqyIzebSABzK3r2Q7QyIGctQmXamL4Yqz2ZZu8oRv3ydXSTDZEX06u2y3TbOemqDeb&google_hm=DOeTxqTzCqfdLko4iYvcVg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLAUZDJG9b9WXpDqIXl3p_E_Lt15lDqyIzebSABzK3r2Q7QyIGctQmXamL4Yqz2ZZu8oRv3ydXSTDZEX06u2y3TbOemqDeb&google_hm=DOeTxqTzCqfdLko4iYvcVg pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT cache-control private, no-cache, no-store, proxy-revalidate content-length 0 strict-transport-security max-age=86400 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FA79 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEAyx8UwLDvp69bbl-JmaDsM&google_cver=1&google_push=AYg5qPJeXqN6IopYGVVBW7Nxu0rDIpZjT8sGPPND4bSdwKGOfwAbMDBVl9o_ruEnw_PKsIZIJm9wGvwTDlORjYKN23QmwSYL7riaAw https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJeXqN6IopYGVVBW7Nxu0rDIpZjT8sGPPND4bSdwKGOfwAbMDBVl9o_ruEnw_PKsIZIJm9wGvwTDlORjYKN23QmwSYL7riaAw&google_hm=Q0FFU0VBeXg4VXdMRHZ...	170 B 188 B	19ms 19ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJeXqN6IopYGVVBW7Nxu0rDIpZjT8sGPPND4bSdwKGOfwAbMDBVl9o_ruEnw_PKsIZIJm9wGvwTDlORjYKN23QmwSYL7riaAw&google_hm=Q0FFU0VBeXg4VXdMRHZwNjliYmwtSm1hRHNN Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 28 Jan 2022 02:54:54 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJeXqN6IopYGVVBW7Nxu0rDIpZjT8sGPPND4bSdwKGOfwAbMDBVl9o_ruEnw_PKsIZIJm9wGvwTDlORjYKN23QmwSYL7riaAw&google_hm=Q0FFU0VBeXg4VXdMRHZwNjliYmwtSm1hRHNN Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	dds rtb.openx.net/sync/ Frame FA79	43 B 64 B	38ms 21ms	Image image/gif	35.186.253.211 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEEM_heYsCk2azLUvUQTfSQc&google_cver=1&google_push=AYg5qPKBU4bTiaDsyZMClxEDOcbTCVRkYw30SRRHewkKJ7Lra7mBOZgnXdXzEBdQn84e1WQ69L7aJUcozFH8pIAgn69nAWm1R22WJg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 211.253.186.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:54 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id hv9tk48g0o2iff84vvupdk9srvvevbkd
GET H3	200	pixel cm.g.doubleclick.net/ Frame FA79 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	20ms 19ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcW34MbifrpMPlugoqCvoSeYp6Rt2iYr1MBg2CZUCxyoxzBEm_hIHlLEz--yeXsZRWjm1x7YdIoox2d7YdHGQ6sFWyvKdNng Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jWzRMynGRLCNuQQ54wQbkw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJcW34MbifrpMPlugoqCvoSeYp6Rt2iYr1MBg2CZUCxyoxzBEm_hIHlLEz--yeXsZRWjm1x7YdIoox2d7YdHGQ6sFWyvKdNng date Fri, 28 Jan 2022 02:54:55 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame FA79 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAR3woCt-SMyPRTp2Mk8-2M&google_cver=1&google_push=AYg5qPIVg3Q5Di97zk2HeabX-IG0etBIC851zYEcozTyjRfdcFGVBIygzG8svUpiEO1cUNQzm9M... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI2NlItUy1KR1Ay&google_push=AYg5qPIVg3Q5Di97zk2HeabX-IG0etBIC851zYEcozTyjRfdcFGVBIygzG8svUpiEO1cUNQzm9MHk2Jq8qSDJqntUlwTIpxiQQFhSQ	170 B 188 B	21ms 20ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI2NlItUy1KR1Ay&google_push=AYg5qPIVg3Q5Di97zk2HeabX-IG0etBIC851zYEcozTyjRfdcFGVBIygzG8svUpiEO1cUNQzm9MHk2Jq8qSDJqntUlwTIpxiQQFhSQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lYVEI2NlItUy1KR1Ay&google_push=AYg5qPIVg3Q5Di97zk2HeabX-IG0etBIC851zYEcozTyjRfdcFGVBIygzG8svUpiEO1cUNQzm9MHk2Jq8qSDJqntUlwTIpxiQQFhSQ Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 78e3bdce5107450057bade54d54a0a7e Expires 0
GET		pixel cm.g.doubleclick.net/ Frame FA79 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhY...	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame FA79 Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECtf48FYOKYYAN_ZABwxsVQ&google_cver=1&google_push=AYg5qPJRvhYIzifey42AZuO8... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJRvhYIzifey42AZuO8s-iqB-X7sAiwXUOezUGraJLuVyuH_yxpo9ZjCGIrdifrM_6D1d8Q0ior-y4jUaeTLe0TMPXP_dI8CNU&google_hm=	170 B 188 B	20ms 20ms	Image image/png	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJRvhYIzifey42AZuO8s-iqB-X7sAiwXUOezUGraJLuVyuH_yxpo9ZjCGIrdifrM_6D1d8Q0ior-y4jUaeTLe0TMPXP_dI8CNU&google_hm= Protocol H3 Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJRvhYIzifey42AZuO8s-iqB-X7sAiwXUOezUGraJLuVyuH_yxpo9ZjCGIrdifrM_6D1d8Q0ior-y4jUaeTLe0TMPXP_dI8CNU&google_hm= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Thu, 27 Jan 2022 02:54:55 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame FA79	0 12 B	21ms 19ms	Image text/html	142.251.36.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-vF1Ea-VEyltFUoegb4KkyPxHM8i3jw02DwXB7Jm2ZmWbRkzEzhyXGgcqCfqx3-Hgznfobg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.36.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s44-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v41/ Frame 55EF	28 KB 28 KB	38ms 38ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 25 Jan 2022 18:14:29 GMT x-content-type-options nosniff age 204026 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28196 x-xss-protection 0 last-modified Tue, 18 Jan 2022 17:53:50 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 25 Jan 2023 18:14:29 GMT
GET H/1.1	200 OK	process Show response share.pluso.ru/	121 B 468 B	506ms 38ms	Script application/javascript	37.200.67.211 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=NCJlqundefinedcqMTdFgfNU&first=1 Requested by Host: img.sci-hub.shop URL: https://img.sci-hub.shop/scihub/pluso-like.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 543e851f2a823ecf8ef9447840d316c0a25c6170ab5bfa1b6b2f6752e765eb17 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:56:50 GMT X-Content-Type-Options nosniff Server nginx Content-Type application/javascript Connection keep-alive Keep-Alive timeout=5 Content-Length 121 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	process Show response share.pluso.ru/	121 B 468 B	506ms 37ms	Script application/javascript	37.200.67.211 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=gaCoyW39U8uXHTko Requested by Host: img.sci-hub.shop URL: https://img.sci-hub.shop/scihub/pluso-like.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 543e851f2a823ecf8ef9447840d316c0a25c6170ab5bfa1b6b2f6752e765eb17 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:56:50 GMT X-Content-Type-Options nosniff Server nginx Content-Type application/javascript Connection keep-alive Keep-Alive timeout=5 Content-Length 121 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	hit;PLUSO counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1	43 B 528 B	49ms 49ms	Image image/gif	88.212.201.198 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 Protocol HTTP/1.1 Server 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host198.rax.ru Software nginx/1.17.9 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 28 Jan 2022 02:55:08 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 27 Jan 2021 21:00:00 GMT Redirect headers Pragma no-cache Date Fri, 28 Jan 2022 02:55:08 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Location https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 Cache-control no-cache Connection keep-alive Content-Type text/html Content-Length 32 Expires Wed, 27 Jan 2021 21:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	92ms 48ms	XHR application/json	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b5a3b0a3fcd48c006fe90f947db40cb7028e8409dc7c8e0e93680acaa813a752 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 28 Jan 2022 02:54:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8988 x-xss-protection 0
GET H/1.1	200 OK	06.png share.pluso.ru/img/pluso-like/square/medium/	23 KB 23 KB	539ms 70ms	Image image/png	37.200.67.211 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://share.pluso.ru/img/pluso-like/square/medium/06.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:56:50 GMT X-Content-Type-Options nosniff Last-Modified Mon, 13 Apr 2015 11:02:40 GMT Server nginx ETag "552ba250-5b8f" Content-Type image/png Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 23439 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	plus.png share.pluso.ru/img/	2 KB 3 KB	506ms 35ms	Image image/png	37.200.67.211 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://share.pluso.ru/img/plus.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:56:50 GMT X-Content-Type-Options nosniff Last-Modified Mon, 13 Apr 2015 11:02:40 GMT Server nginx ETag "552ba250-98a" Content-Type image/png Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 2442 X-XSS-Protection 1; mode=block
GET H3	200	mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response pagead2.googlesyndication.com/bg/ Frame F354	35 KB 13 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1643338494&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643338494560&bpp=1&bdt=1229&idt=1&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&cookie=ID%3D849abe03ed979181-224a955b2bcd0065%3AT%3D1643338494%3ART%3D1643338494%3AS%3DALNI_MbTVWWSAs9g0FAFhDoSeuTVGU2_fw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1600x1200%2C1005x124&nras=8&correlator=2916671589734&frm=20&pv=1&ga_vid=1198660945.1643338494&ga_sid=1643338494&ga_hid=758855054&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3986&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31064578&oid=2&psts=AGkb-H8LMIftVn9uElN3xSxB9MxT_PtJ8h6kM_DLsJno-42Rjs3g2RA9D6n7ydkoAWIRp_8nZgqa9Ymc9wbaXA&pvsid=2315325788654785&pem=653&tmod=1686062123&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=x9RkMdEtHI&p=https%3A//sci-hub.hkvisa.net&dtd=231 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 20:35:23 GMT content-encoding br x-content-type-options nosniff age 22772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13575 x-xss-protection 0 last-modified Mon, 24 Jan 2022 14:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 27 Jan 2023 20:35:23 GMT
GET H/1.1	200 OK	kb.js Show response kitbit.net/	1 KB 2 KB	399ms 43ms	Script application/javascript	31.131.252.94 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://kitbit.net/kb.js Requested by Host: img.sci-hub.shop URL: https://img.sci-hub.shop/scihub/pluso-like.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash dc2634bfb10dd1ed133ebfd72295e079e50dadefed277c5b7e7cdfc872319082 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:52:49 GMT X-Content-Type-Options nosniff Server nginx ETag H4P8XmHzWoGE5wstTJr2Ag== Transfer-Encoding chunked P3P CP="NOI DSP COR NID CUR PSA OUR NOR" Cache-Control max-age=21600, private Connection keep-alive Content-Type application/javascript X-XSS-Protection 1; mode=block Expires Fri, 28 Jan 2022 08:52:49 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	49ms 49ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31064578 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 28 Jan 2022 02:54:55 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 53CA	13 KB 5 KB	37ms 36ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Fri, 28 Jan 2022 00:30:15 GMT expires Sat, 28 Jan 2023 00:30:15 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 8680 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame D324	783 B 534 B	52ms 51ms	Document text/html	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ac67f19c913d3e7f8fcc381edeb41f0d805f37c57d17791e378c690ca417895d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fZA1xkPpfJK1/yXgu9sZXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 28 Jan 2022 02:54:55 GMT date Fri, 28 Jan 2022 02:54:55 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-fZA1xkPpfJK1/yXgu9sZXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response pagead2.googlesyndication.com/bg/ Frame 53CA	35 KB 13 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 20:35:23 GMT content-encoding br x-content-type-options nosniff age 22772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13575 x-xss-protection 0 last-modified Mon, 24 Jan 2022 14:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 27 Jan 2023 20:35:23 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame D324	0 0	120ms 119ms	Image text/html	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=2315325788654785&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H/1.1	200 OK	adcm.js Show response tag.digitaltarget.ru/	3 KB 3 KB	167ms 52ms	Script application/javascript	185.15.175.159 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/adcm.js Requested by Host: kitbit.net URL: https://kitbit.net/kb.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:55 GMT Last-Modified Tue, 16 Nov 2021 09:48:08 GMT Server nginx ETag "61937e58-beb" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 3051
GET H/1.1	200 OK	s.js Show response kitbit.net/	1 B 303 B	44ms 44ms	Script application/javascript	31.131.252.94 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://kitbit.net/s.js?u=https%3A%2F%2Fsci-hub.hkvisa.net%2F Requested by Host: kitbit.net URL: https://kitbit.net/kb.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:52:49 GMT X-Content-Type-Options nosniff Server nginx Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection keep-alive X-XSS-Protection 1; mode=block Expires Fri, 28 Jan 2022 02:52:48 GMT
GET H/1.1	200 OK	h.gif kitbit.net/	43 B 537 B	88ms 43ms	Image image/gif	31.131.252.94 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//sci-hub.hkvisa.net/&h=Sci-Hub%26kbuid%3D5EFC831F815AF3612D0BE78402F69A4C Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:52:49 GMT X-Content-Type-Options nosniff Server nginx ETag H4P8XmHzWoGE5wstTJr4Ag== P3P CP="NOI DSP COR NID CUR PSA OUR NOR" Cache-Control max-age=0, private, must-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 1; mode=block Expires Fri, 28 Jan 2022 02:52:49 GMT
GET H2	200	cro optinder.com/ Redirect Chain https://p1.ntvk1.ru/nps https://optinder.com/cro	0 510 B	145ms 92ms	Image application/octet-stream	2606:4700:3035::ac43:c8d3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://optinder.com/cro Protocol H2 Server 2606:4700:3035::ac43:c8d3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 02:54:56 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsXl3VV%2F2HoOqkpyy9QsPYlFfvajQRrUlNI1J9muwlXFBeUvJD5auCFSQuVRTivOZdtWPRucWBn%2FzxhGDO6KJRE3vQkXohOp0K4A1eX%2FPr%2Fa2MJ9lPhlslgyVFHMA1n691J9iazwshjLJoY%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cf-ray 6d46f05fdbe171a4-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 Redirect headers x-77-nzt Abk73g+dnoiR date Fri, 28 Jan 2022 02:54:55 GMT last-modified Fri, 28 Jan 2022 02:54:54 GMT server CDN77-Turbo x-77-nzt-ray SNYsmaYO/TU= x-77-cache MISS content-type text/html; charset=UTF-8 location //optinder.com/cro cache-control no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0 x-cache MISS x-77-pop amsterdamNL content-length 0 x-request-id 1698558719-1-1643338495.889 expires Fri, 28 Jan 2022 02:54:54 GMT
GET H/1.1	200 OK	sud ut9.rktch.com/	88 B 88 B	180ms 42ms	Image image/png	89.108.97.2 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://ut9.rktch.com/sud Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d50603.reg.regrucolo.ru Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:55 GMT Server nginx/1.18.0 Connection keep-alive Content-Length 88 Content-Type image/png
GET		generate_204 tpc.googlesyndication.com/ Frame 53CA	0 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	74ms 73ms	Image image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=2315325788654785&bg=!ERKlElbNAAY6OBv_Ojg7ACkAdvg8WqivGFoe_fDcXSDOE3BiiA_7Ius-b4GllC_3A07fcLAkvnnNJgIAAABZUgAAAANoAQcKAArhYHYopg8qxbaKmQKz0reraZrydb5cXQSgLhrWQYwBhCir2naqm15EkqcIZGsPcutkfR7evq4RXPiBUR28UpsWZTEN1tq4N_p3g4OCbPMtbWPjsJhNGYNlpLLIpfCZUHIbV_yUbGvfJxqwOUkRQ4ThDtrONxkeMQUsmzGeRyczFiD8or1gaJ9kpRpxt8W3YiP4fMFIbvKvUzUUsv4oBSfy_v_yHeYOqqn8LlovLuSlc-gS7uPM509sSVTKkpm6DKlP7ugSfWkyviTEPXjKEzzdERDhByGAH6fPd5m5chRTWOGnru8v2gmqM_MIG_cB2qQ6wk6OjEoOpZzWwfq6iwGFlTCbeH-hBbDM-q19y0hLTnsLyVV-ej6XIXZ42fsbM9QpopLTJLBTiThwy91SnRVErfIjQhrUMUpf4AYtu7qC5oaDmm6lnCBJXM_YUSHFk8-RMCngdiz7V6VMLiJOUBUR1a7kJ3ZnhpEsrzyuD7Olgb6l1mARjKV_rAy3xsKWfyBQ2PQuJw9IbUe1-51hHIfrmutC30zjT1AYuDFDQ53w1Z7Ovt0diAEoz0co46dL66M32U2GL57Lsey6tpkQKwLA4rUR9zQFET4SbGIy1zgrBXmglVFQqRBXe1vZ3KMPsCsK7YJaPbzIN2WcrYyUY3hjNKQ_PlBGNrg9n57rmskSjsMadh9XWjHagNhy9QkeelGg5RLnWrXO-bRFvB-y20Z9dNBrTlgoa0BVj1Nqjfwf83PaXaXJMzrOr9AgiXqP2r7ifhtJaB7s2ZwaVLsSUmqkvI1CKr8ZbGkepqiwAv1woqTeezEPrslnGm_DuR4gRjRlfSbZx91nCuFgq_OTrVQ0Q3QeUooieKNG1OfbBolyGzpk9ORZvDAQ8GVggLPIPiwlut8P8Wptz4oR2F1BygoMD0GUFIsE_8EjmYrYequXQw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	processor.js Show response tag.digitaltarget.ru/	15 KB 15 KB	105ms 104ms	Script application/javascript	185.15.175.159 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/processor.js?i=59175275082048 Requested by Host: tag.digitaltarget.ru URL: https://tag.digitaltarget.ru/adcm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:55 GMT Last-Modified Tue, 16 Nov 2021 09:48:09 GMT Server nginx ETag "61937e59-3cda" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 15578
GET H/1.1	200 OK	extension_1086.js Show response tag.digitaltarget.ru/extensions/	475 B 719 B	52ms 52ms	Script application/javascript	185.15.175.159 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/extensions/extension_1086.js?i=892104179707486 Requested by Host: tag.digitaltarget.ru URL: https://tag.digitaltarget.ru/adcm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash ea5267ab8f48df1f085df89f320a63ffe30ae68c5b02d85ec0437e4cdcb6b7de Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:56 GMT Last-Modified Tue, 16 Nov 2021 09:48:09 GMT Server nginx ETag "61937e59-1db" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 475
GET H/1.1	404 Not Found	i dmg.digitaltarget.ru/1/7248/i/ Redirect Chain https://dmg.digitaltarget.ru/1/7248/i/i?i=414458319025465.800793575578828&c=tg:adcm_pc https://dmg.digitaltarget.ru/1/7248/i/i?i=414458319025465.800793575578828&c=tg:adcm_pc&q=scc	0 452 B	49ms 49ms	Image text/plain	185.15.175.146 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/1/7248/i/i?i=414458319025465.800793575578828&c=tg:adcm_pc&q=scc Protocol HTTP/1.1 Server 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:56 GMT Server nginx Connection keep-alive Content-Type Not found: placement 7248 Transfer-Encoding chunked P3P policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE" Redirect headers Location /1/7248/i/i?i=414458319025465.800793575578828&c=tg:adcm_pc&q=scc Date Fri, 28 Jan 2022 02:54:56 GMT Server nginx Connection keep-alive Content-Length 0 P3P policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"
GET H/1.1	200 OK	i dmg.digitaltarget.ru/1/6533/i/ Redirect Chain https://dmg.digitaltarget.ru/1/6534/i/i?i=414458319025465.179980478499214&c=tg:adcm_pc https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=414458319025465.179980478499214&c=tg:adcm_pc https://fnc.rt.ru/1/6532/i/i?i=3l1z-LP58v0HteR76p0H&c=tg:rds_6534 https://fnc.rt.ru/awg/custom/6532/i/i?call_source=awg&i=3l1z-LP58v0HteR76p0H&c=tg:rds_6534 https://dmg.digitaltarget.ru/1/6533/i/i?i=xKMWRuE5oGHzZkK7FuhZ&a=774&e=8fvlvR854OA2.3k7F5F1	49 B 602 B	53ms 52ms	Image image/gif	185.15.175.146 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/1/6533/i/i?i=xKMWRuE5oGHzZkK7FuhZ&a=774&e=8fvlvR854OA2.3k7F5F1 Protocol HTTP/1.1 Server 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:56 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 3 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Fri, 28 Jan 2022 02:54:56 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/1/6533/i/i?i=xKMWRuE5oGHzZkK7FuhZ&a=774&e=8fvlvR854OA2.3k7F5F1 X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 3 Content-Length 0 X-Content-Type-Options nosniff
GET H/1.1	200 OK	i dmg.digitaltarget.ru/1/6401/i/ Redirect Chain https://dmg.digitaltarget.ru/1/1086/i/i?i=414458319025465.678077257481992&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:dut_cnuyBxghrEen9S6TYsjC.x... https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=414458319025465.678077257481992&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:d... https://matcher.upravel.com/m?id=DBF5TKgqqF355555Yrg4&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D%26rds%3D1086 https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=dbb57d19-2e94-4813-8062-0fa3bcb03d80&rds=1086	49 B 602 B	56ms 56ms	Image image/gif	185.15.175.146 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=dbb57d19-2e94-4813-8062-0fa3bcb03d80&rds=1086 Protocol HTTP/1.1 Server 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:56 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 2 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers date Fri, 28 Jan 2022 02:54:56 GMT server nginx location https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=dbb57d19-2e94-4813-8062-0fa3bcb03d80&rds=1086 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 0
GET H/1.1	200 OK	i dmg.digitaltarget.ru/1/2016/i/ Redirect Chain https://dmg.digitaltarget.ru/1/1086/i/i?i=414458319025465.632075444931107&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:dut_cnuyBxghrEen9S6TYsjC.x... https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=414458319025465.632075444931107&a=86&e=5EFC831F815AF3612D0BE78402F69A4C&c=ss:86.up:5EFC831F815AF3612D0BE78402F69A4C.sync:up.xdua:d... https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086 https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086&cc=1 https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMTIaNtGSKRfuXXN+b55UFHA==&c=pc:&i=811af7db&rds=1086	49 B 602 B	53ms 52ms	Image image/gif	185.15.175.146 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMTIaNtGSKRfuXXN+b55UFHA==&c=pc:&i=811af7db&rds=1086 Protocol HTTP/1.1 Server 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://sci-hub.hkvisa.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 28 Jan 2022 02:54:56 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 3 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Pragma no-cache Date Fri, 28 Jan 2022 02:54:56 GMT Server nginx/1.16.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMTIaNtGSKRfuXXN+b55UFHA==&c=pc:&i=811af7db&rds=1086 Cache-Control max-age=0, no-cache, no-store Connection close Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B0A2	42 B 64 B	72ms 71ms	Fetch image/gif	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgxN0KBQcnoi9A7sMvWpV8zkjXKcni7VzwAcY323Q7lSXwZEQk_DjZVGOyh83T1yXFgkKd61gP-bzOO2EpjxcVew_kiQBQ6H1QRaJo6RLlSZUgm3V5RA&sai=AMfl-YSszXUlSF0RsEduiz0bh8E4UwgXTWJmjZQ7aA64Q1JaWkQwGVsYNfE9JY6WJTRoYLuXRmnugKtIUOrG&sig=Cg0ArKJSzOeLht5Bj54iEAE&id=lidar2&mcvt=1002&p=0,0,90,970&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1980608376&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643338494009&rpt=1065&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 02:54:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 59B2	0 127 B	15ms 14ms	Ping text/plain	178.250.2.150 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=mDg1hSMxCioOCtz3-6cfJxAJawXU2Y3z1yxA7q3CPaMZVZau9npHCei83JWq7Tg4R1QMPJcDeR0iiB9WrHp_09WdEXQ5XhuA5sT6YQqApcN33y_zM_e-vZdxNdN15uG36YnjhR8o7oi7B_LL1bM_zpjxkJPkGicEtxINBX_I09PfytuU6yRfMUumpyfFV2N9ximkRJm4DZF9IL2RcYpkleqitWV-jGbW3spW2xdU0EX770ssvGd2R8GvPa94DgKxo0_5yg&sds=2&rev=80217&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YfNa_gAJE-8Iu8X3AAM17rooMJj3VTQc2WlAFg&u=%7CahyyAyVtEoYgHCZZM26pcV4O%2F1p23jFKVSnx5E%2FczXI%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdNcMXyuppakctDlH2N431gKw5q1K-Le5CNASJ1SgwC_9yDmJH3nPv9SyT1kwbrVZsU521gnrh76HrCTyLpgPztna4ttDbI8vJrqrQMZD05z8xVbs1hTIvB75HD6sVd4uVfG16l-w-gXnI1UDW9QMMcrWxX-mjq6tN0Szo6opRUCArFVzQl0_1OR_XmGF_QbELkGtIZCisWqwRa1KrMaal6nP9bF_GQwM1Q93mT5sxenOkBT7gI-_NV2f16k1wCUOWQ-vmxeGkEv50gqJNyDCydwLNAbu2uvgpM2USaE6VzRXf0UsftlKKL4a8Y5wzW9eIYzqTX1zjjCPyDPRI_bAvhvJLpBt1jowU7WZDHoNK4doBbPEh5_upLq9qeqtYjPWJCIz-xuCcjeLcwm4Gxf5hmtVk402eSlU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgHk9_lrzYe-nJPeL7_UP7uuMwAfJntKxXKX8k_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzigAdW20uoDyAEJqQJ57d7YvrGyPqgDAaoE0AFP0Ck6shElE9ZQMxV_WHD3PpkYYIOm_t8zwLfBDnwqJAYCnB_qAzyv3wmDCZyUtGk83f-BtSRuRKw9WfvDnB3rRHrkiGbV3a2-bGwSAyk8mc4MH5YmNAcSIe4ywDOdAZSD8Ezk9rdeoE4MQvHqdhMNN9fuZeByP22CH8ks6AFbKhPJJYXBnY3rXrk0bjztT912mzCaWLIhSF9sk_yu-XUHTPUjLaTVd3e0XQdSEzppyd5nx9bVMZ_M1cV9lWorU3YD3CILW9GYCvLCod268hfJgAacg7eOr6v_t5oBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0StaVMMCNH-9LlkzOtBQ9rr2MRSA%26client%3Dca-pub-4788083219224278%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Fri, 28 Jan 2022 02:54:56 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0 strict-transport-security max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

img.sci-hub.shop

URL

https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_cver=1&google_gid=CAESECID45mcVhp2rmeu9rCxCPk&google_push=AYg5qPLNFoSFeztiIA7mjKRXBg4mvzNliamaruo2j52tkKWt913HlSdu3qwkZiVyx1zqUExAJ19m2REY7K_DTEc8ZlQA6UK06g-h

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YfNa_nLB2iCMV6mCAISLtgAABG8AAAAB&google_push=AYg5qPKfomS7zgQDBsDCM0yW-D_-8nk9Bsd5F-i7yLfiS4XwWEh_8M7-r1MQon-1_zoUfgby44cJ5A0V-75Sp-gHhYEe990Ukk9b9w&google_gid=CAESEA8IB2HDJug7UujubbaCGqc&google_cver=1

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/generate_204?SsxtmA