sci-hubtw.hkvisa.net
2a06:98c1:3121::c Malicious Activity!

Go To Rescan
Add Verdict Report

URL:
https://sci-hubtw.hkvisa.net/
Submission: On March 02 via api (March 2nd 2023, 3:36:06 am UTC) from IE — Scanned from NL

Summary HTTP 84 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 84 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hubtw.hkvisa.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 8th 2023. Valid for: a year.

This is the only time sci-hubtw.hkvisa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:3::f 2a02:2638:3::f	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
84	18

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

sci-hubtw.hkvisa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	criteo.net static.criteo.net — Cisco Umbrella Rank: 625 csm.eu.criteo.net — Cisco Umbrella Rank: 8487 pix.eu.criteo.net — Cisco Umbrella Rank: 7936	331 KB
21	sci-hub.shop img.sci-hub.shop — Cisco Umbrella Rank: 351743	584 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	265 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	27 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8414 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9640 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13386	45 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9857	1 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 14351	696 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	603 B
1	hkvisa.net sci-hubtw.hkvisa.net	7 KB
0	kitbit.net Failed kitbit.net Failed
0	pluso.ru Failed share.pluso.ru Failed
84	14

	Domain	Requested by
21	img.sci-hub.shop	sci-hubtw.hkvisa.net
14	pix.eu.criteo.net
9	pagead2.googlesyndication.com	sci-hubtw.hkvisa.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	static.criteo.net	ads.eu.criteo.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
2	counter.yadro.ru	1 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	rtb.nl3.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hubtw.hkvisa.net
0	kitbit.net Failed	img.sci-hub.shop
0	share.pluso.ru Failed	img.sci-hub.shop
84	20

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
hkvisa.net Cloudflare Inc ECC CA-3	`2023-02-08` - `2024-02-08`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-04-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://sci-hubtw.hkvisa.net/
Frame ID: F7D2AEA07E5BBF01E4B9D3D090AFFFD4
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Frame ID: 74A3691D86A6CEE730E7D14479951E99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677728167&format=970x90&url=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677728167651&bpp=7&bdt=706&idt=233&shv=r20230227&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&correlator=8766770406825&frm=20&pv=2&ga_vid=1025566421.1677728168&ga_sid=1677728168&ga_hid=1759639898&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072742&oid=2&pvsid=2597787460747545&tmod=654738983&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OwAlMyxzuN&p=https%3A//sci-hubtw.hkvisa.net&dtd=277
Frame ID: 8CEDEC77097A76903C01A04535D7A86A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1677728167&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677728167658&bpp=2&bdt=713&idt=281&shv=r20230227&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=8766770406825&frm=20&pv=1&ga_vid=1025566421.1677728168&ga_sid=1677728168&ga_hid=1759639898&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072742&oid=2&pvsid=2597787460747545&tmod=654738983&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=id2tL6bDZN&p=https%3A//sci-hubtw.hkvisa.net&dtd=294
Frame ID: 97D740AB50F2618592B846D800454E7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1677728167&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677728167676&bpp=2&bdt=732&idt=285&shv=r20230227&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=8766770406825&frm=20&pv=1&ga_vid=1025566421.1677728168&ga_sid=1677728168&ga_hid=1759639898&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072742&oid=2&pvsid=2597787460747545&tmod=654738983&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=300
Frame ID: 15C5F3B7C7F00C66B1DCCCBB9DBC9F94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1
Frame ID: 09998E5A254F364792FED313056E8657
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAAZqAAAYxcKd6kPAA_ZTDIFrVLOuELB81ojIA&u=%7CYh76Dk1zVw5EsuzwkEPylEKgMSntjHnxcDfE8K6K43s%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-qxq3TjMcaR0yTnhTiCAW3cZKn_3h_alRdLuw-toS-__UmLK5Vl0qrpNhG4MUSm2Rv_i3HLbIITz4HV7LvFM5OdOHDI19xyPmEBWavKnRC9ficjGqgoyC0P2okS7yAiY0AN5LLMbQWfSc05x5RGfMrJ51BF-L_ygmQMX4EoRsoxYGioQGRckWwLBBjb29BGKH44HPO2VB3aJl_S3fMypjD7TfPOUL-xYsH8QV8xgOgbNg9WdaV6-I1EVgPrFOHoaOdr9UHzzsIAVCCyLBosXZTiaSK3t4E6S4YA1IDzRpklgfi7gtHnm06Rv_t0nGn147SiNZy1F4_C94ayEV2G7RVtoy5UXAMAkpbEHe3dtH-E1pTtaYhSwQ1s2aZ7P_AIILDLYi09Tx6mKWZ-CPEQn0fjDyzB2c9YK5lcsX2_z1x7IoN693Ve8QCsvnpDckzrO2XGbXiy8QP1CRrxQ_iQqQAhISEvsazYHa_FqQCNn8YLfJBBU9SON2Q45NhrB1wj-O7Gw5KRv4mevMtQ0bNjnqgxbEKvkcygSvQoEvAZUsdHwbgs6mSca-4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWlm7qBkAZJfGAY_S3gPMsr-wAsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCLvsrhMnlsT6oAwGqBM0BT9C-rNcaoNmQeJoVJOSQR6UHt05nbhgetxSiu41LXFSqvEZ45OKlCktRCayXAByPH3e7Qv_loPhR20mPxV1RL1MEtTFgqyjds2Gg8dsDLGcJGIxPMdZm0u4nzwdzQ9KOk6VmkXq-gxfUnxo1H8tEK_crBJltdvK__8lSqHKvpYIVTW_JTXIeMZEDQoZnhzJvHQ33sn_I9sUe93EcXnXmYV_J6-_yd_qIyZiJ53cXtdcpTbn3npZu_5Qs9yXswtqRA3mCm5oP1LsVT7lV14AG6fyjgsCJgInHAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1K5SdJvLRPS4qDieFOUSO0XS16HA%26client%3Dca-pub-4788083219224278%26adurl%3D
Frame ID: 454CB03F8F93D89C78704E0663DB5760
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 514DDCA7465009D78607DF9FAFC3F18F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DC8611E409E1723C73E0CD11CDD5CEC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

84
Requests

92 %
HTTPS

88 %
IPv6

14
Domains

20
Subdomains

18
IPs

5
Countries

1316 kB
Transfer

2403 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hubtw.hkvisa.net/;hSci-Hub;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hubtw.hkvisa.net/;hSci-Hub;1

84 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sci-hubtw.hkvisa.net/ 27 KB
7 KB 449ms
350ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hubtw.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd3786819ee434771fb75d29eca8ebde5104b68401a00211c409195d466d3053

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=43200 no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a1697f14c5bb986-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 03:36:06 GMT
expires: Thu, 02 Mar 2023 15:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZBXJNvHffjQ378rJR%2B%2FfTxorWO6OJ4VSy6Rwm2hb3rA%2FsfPrMirEuh2NU0ZxJut2NVoyDeDobcmG5b8bOdEgRFwvOCv%2BEggbv1gln89q%2FcS73SOvWeqQX1O5zMcFCuC9j9hHgWllKvp%2B96NmjyvKRIbRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-cache: MISS MISS

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 264ms
36ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 592567
etag: W/"5c00bb7c-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaCrMWGsHQYfDIhV7cqXo9WT%2FKMQgFwrLoQTqZl2P9uNAhwT%2BfB5OR7rhUWpbnaJjiLC9ugyNHLFHczl%2B2Csb08BgUZEF%2BEKNZCxXsIXM1HBe4IAJ%2B8aHWibpiw0e3s30BaCV5cMjxOak%2BJHLAAT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a1697f4ed440a77-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:00:00 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 295ms
68ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 592567
etag: W/"5c13665c-3dee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZiJ4e0cLX34tAxMTRahSLV59wrOp0SLu8leKyHmK48SmMQ6KHcKPKrQNHv8o2%2BpetUggMVfel3jMbCzGCI%2B7S0niS3XvBJAgPGaCnz9WVnc4xEbr%2BXe7ygv0sBIPtAQR7rTt68L5cESoZIA1735"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a1697f4ed460a77-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:00:00 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
23 KB 275ms
48ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 592567
etag: W/"5c00bb8c-1798d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IVEmrIOCLlS6eg%2BGV2DhRtIQsXTMwxgSHRsF5bie%2F66EZ4GwE6HD0eCHWhJ8KoOYXFmCX9A2cq11XrFAQjxFMZIEUKNRXew%2F6%2BWRjk4GEIvGKN8ZitLtDIAbknYyXxaoNt5bCrQuRBk6AQRaaRq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a1697f4ed470a77-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:00:00 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 32ms
31ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592667
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDK8FPTptHdx3%2BmGxjECoOYepT1dmaAc%2Bse701ABlwrooZOZEE3IKohItXqDq6EbPzkkFQy%2BXBEtKRR0j24umA%2BfPt9AeXwvs%2Fy6UFhXX9fvdh%2FBaBpqIKL%2FD93Fx2cxEq66nN6m9kq4VxSMBgGr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f59dee0a77-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H2 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 32ms
32ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592667
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCCfSd2jNlJOdxLdz8J3677R9p7jlOPy%2BrBpwlnQLyzPQl7OwfYP0xPqIj2gGGJFVu3kDnOkx93VRpt%2FtnLwzmoAHCH9nHjis%2FDabXGjayVWf2cVwrDE6duCYCbYUEzA9sVIJmkUi5GzO7tkwXVg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f5adf60a77-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 212ms
98ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f34f7105cd770679d13ebfc9edcfebd082e0f5217a3e3f7293dcb57cacb4fa11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48164
x-xss-protection: 0
server: cafe
etag: 16249991427573439624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 03:36:07 GMT

GET
H3 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 93ms
92ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BShAJW58G4Jdpj%2BP7%2F37Ekfy7%2B9mjW3Xlb4onq45FZUqVkS%2BogAZa6CQ%2FEWLNrSHGLHcHyMiQt5ZTm1rgcIjVywU6s4jZ9yG7%2FxLREnK6p6A3h4jdhLdMsB40Sswozk9U%2BnfSo6Pw4ViRIs4jfYU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63ae60e6c-AMS
expires: Sat, 25 Mar 2023 07:01:04 GMT

GET
H3 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 169ms
168ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lV75DD0tHrPMsi%2BWVioFGpPRFdfDaZlFolNm3aDgkS6LN9lMRIQ5AY2tb2ZeeeNxyC57hjvPTmenAEudEmK1pGNNkDMbsdvy5SHZQ2xf4%2FzKeH8qIiEOiO%2BIvtiP2pJ4w6EpdzYgUzGJxq3yAHSt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63ae90e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 190ms
187ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bkdi%2FfLyUFaJqXI3GtoIR8V1vo%2BYjBtZwDlzGBW4zFG3N160TykSOSHR52Tz8udXRQNRXluqShpqXjyjXvV96w%2Bu9%2BsAk4ugho5FFtmXpL57%2BcbfVMfShtMv8dJVQmerl%2Bm8AFXPP6gc3%2BJr06XI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63ae80e6c-AMS
expires: Sat, 25 Mar 2023 07:01:04 GMT

GET
H3 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 193ms
191ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB38ufzZiSYvIR8sg5VE57I6E%2BdJ%2FztCWtT1RlU0hRey5QtZYxtJu5NXdAfZ5NTj4VfiYNLNtfVrLtzGsLsVaUuS7d63u1UZPILtn54tel97%2FC%2BK%2F%2B7VWjLSF6xauzqeTJWokrrec1%2BS7dFAm6wc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63aea0e6c-AMS
expires: Sat, 25 Mar 2023 07:01:04 GMT

GET
H3 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 201ms
198ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eFfmuzB4lc5oiQIkuFuM%2Fg4X1WbMZ3N%2Fn2XtKkoDcbhvpQbU5ofCaCZO%2FyYDRcXmDP7XjViA7cCtCag6%2BM%2BqMKlt%2FE21kE%2BElmi69u2ubaaBhB7bngAhHayqDmTqgW8WpzvoatGntSlBeHbTTzo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63aeb0e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 201ms
199ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgUvl%2BA7POKylwT%2Fy4FWDua8vJ13uFmGGRsRg9Q6%2F5ZD0q6%2BHLSs8x4sSVmuH1BPq5v5DxMNnj3M9qSGVfIBIqMCFN0F0jVDtn7DDWXc22Gkhl2dIydSShuVNaz3vPt%2BsW%2B7StVhLpgICYBSbeBS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63aef0e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 207ms
205ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjFRak7PlB%2BZb3zgkcC3n59yy3%2BPsArG2xm%2FRrqiuitxCaS95ogFuv8g48hXjFq5CsRkFSrS%2Bnu7PyEh44mKZc8FcquKa9CjGdLtsNshl56a2NYzCxchw0TyYe87KAiaPtn%2FD3P4SPy0cVOHxjcy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63aec0e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 209ms
207ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTo7mgd2RTuj8bGmmIHncviEwIQpjK%2FqL970o2xfD8CyjEUV71ZeTgr%2FFtBgPPBzgkXiRxhq8u3o0LtGtgQNtDyeewfzySY87L%2FOQX2IExYXtTTX3fdK0VeMT%2BXvGQppzFW6Lj2HxLtzbukBed9n"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f63af10e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 210ms
208ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvqqLlrM48s%2Bj8D22F6T%2Bt6riFZTt%2BZ%2BfnWP1PdV%2FkmMVLlt1wV2NGla9YuXgNl1bUc9pbKpG1flPCd8Gz9m5%2BZ29ODlTNA1MPDnGN26lPnpke55CSsxWASoji80CY64JgShl%2Bu%2FJJomH4cAMpwf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f64af30e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 211ms
209ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jalOiBRv35%2BnvhuI%2Bny7tLxPVtzdypxukSO7lQHcaSMCHDlU9QHqSqiO56DlLLuKCg0pSqbSkRxq2NbI%2Ffh883ry5koayFjJLUZxpteuY5iJVIIUchnqRWzJjSr5mSw8SUFyNzSlVS2o4NfQjTab"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f64af50e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 44ms
43ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4R0RR40lTHRITNkc3z20yf5Mk3UKldRnHS3xJQiFpwUgqeGhzVQ13vhb8J9paAWSF9sxAzA350ES02Y3qI3XXF1VhUWT5alb%2BUUKqddz30T3imDeuYU8gHoweZr4588xCwJ75Gzyv2jMcXupOB9R"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f62ad00e6c-AMS
expires: Sat, 25 Mar 2023 07:01:04 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 32ms
31ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhX8i7dFbLAq%2F7uFkzZ6b4wBA0kMvpGcRLdV9BFygu81OnyVDPWUv765aAoRWU9ihCCq%2FfzhbFAJfEib3s%2BldqRdOpw2ZYtSngMgE4iASIHmHew8MerWoStab7ZZrWatc5NtBlIMv%2BFUGHEOVEWy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f62ad10e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 32ms
31ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8rTSvr63YeXeFZSmxAt25yn0RmT%2BVyFhk7OqoerU%2B21WRYZNZE80tg5%2FF8lEbcJIhaTBxpIrL8e1KJ2jvmSnvDrmn5ZTZGW8rnV3v9H8MzLWcD%2BtHQDkLZ1Xo%2Fp7bXD4fsxCTZnqMeXeJKV%2FAVm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f62ad20e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 185ms
185ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BEas4ObGjDrEFDQ1GMShmQ8NAx41xhvYX8nbzHhLZA6A%2BsYkShulruCbouSNKuwQblvZxxs8KgztcrWhCHdi87D8T5lvAsOQBqp%2FpXDpx9LGx4GrtyfFYw%2B%2FAsI2SlRpLCJ6O2rGn6m08RtWrzZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f62ad30e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 186ms
186ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjFqVhZzKuiHoxVkNW5%2BIBSxwTzaMx%2F2w9Hv8i9KTlVy7GrwDS5dOicgbRVANp5f0d%2FAH20fGDzquFMtqOi0LrWNA1goYcFivZDw9bXT2nVmTTHuQkY0u%2BiACSxxYRAzfYOKeAPvnkuws%2BsCCKVt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a1697f62ad40e6c-AMS
expires: Sat, 25 Mar 2023 07:04:11 GMT

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 172ms
171ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 592316
etag: W/"5c00bef8-a5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k11ev5eYBGH7v11mMYsskSQEIf3QmVMtQKX62mtAIaIf7%2F6b0zJbS624%2BQt2Ygv7LgXCx7qH6OT5rVoupkwFQb05Ot0Zicf4HqKILOjmSmN5tYEg7pKiHaZgszNNxUCBDpC%2BtnrWCg4Zc2LicC4g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a1697f63ae40e6c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:04:11 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 362 KB
119 KB 92ms
91ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hubtw.hkvisa.net&bust=31072742

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a23019e05865bc30aba9f21bb29caa5bad9e71bce5ce055aefd46d6494e6b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121998
x-xss-protection: 0
server: cafe
etag: 1288542978751363829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 03:36:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/ Frame 74A3 10 KB
5 KB 167ms
46ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hubtw.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 52527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 13:00:40 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 13:00:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 129ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hubtw.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hubtw.hkvisa.net&bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42a76fd2624f05547f281c293e2390c7516cfb74d3c5ed237975f295046459e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 184ms
69ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=sci-hubtw.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 190ms
68ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hubtw.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CED 436 B
411 B 253ms
235ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677728167&format=970x90&url=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677728167651&bpp=7&bdt=706&idt=233&shv=r20230227&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&correlator=8766770406825&frm=20&pv=2&ga_vid=1025566421.1677728168&ga_sid=1677728168&ga_hid=1759639898&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072742&oid=2&pvsid=2597787460747545&tmod=654738983&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=OwAlMyxzuN&p=https%3A//sci-hubtw.hkvisa.net&dtd=277

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0560adeb934f33bfce2fe82b603f09af5ec2c80541bc3dfae2892c06e6023d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hubtw.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 03:36:08 GMT
expires: Thu, 02 Mar 2023 03:36:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97D7 436 B
383 B 368ms
366ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1677728167&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677728167658&bpp=2&bdt=713&idt=281&shv=r20230227&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=8766770406825&frm=20&pv=1&ga_vid=1025566421.1677728168&ga_sid=1677728168&ga_hid=1759639898&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072742&oid=2&pvsid=2597787460747545&tmod=654738983&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=id2tL6bDZN&p=https%3A//sci-hubtw.hkvisa.net&dtd=294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a73e31bcecf9e05a426418cbfd354d215b57ca10961ee3b85e84f7caa3e9d4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hubtw.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 03:36:08 GMT
expires: Thu, 02 Mar 2023 03:36:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
78ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hubtw.hkvisa.net
URL: https://sci-hubtw.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 03:36:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15C5 57 KB
17 KB 247ms
247ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1677728167&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677728167676&bpp=2&bdt=732&idt=285&shv=r20230227&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=8766770406825&frm=20&pv=1&ga_vid=1025566421.1677728168&ga_sid=1677728168&ga_hid=1759639898&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777877%2C44759842%2C44759875%2C31072742&oid=2&pvsid=2597787460747545&tmod=654738983&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

176e7e640296906a87b72a752172e2dd119090f40318177d34b19277fd288d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hubtw.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17458
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 03:36:08 GMT
expires: Thu, 02 Mar 2023 03:36:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 150 KB
51 KB 79ms
78ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/reactive_library_fy2021.js?bust=31072742

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bec55ae238e9490e7a00afc438d133d08b7a66cc48bdf99761f5c4b36586cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52360
x-xss-protection: 0
server: cafe
etag: 5810016800809394299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 03:36:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 70ms
68ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=sci-hubtw.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 70ms
69ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hubtw.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/ Frame 0999 10 KB
5 KB 48ms
45ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hubtw.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 52528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 13:00:40 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 13:00:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 454C 129 KB
44 KB 644ms
116ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAAZqAAAYxcKd6kPAA_ZTDIFrVLOuELB81ojIA&u=%7CYh76Dk1zVw5EsuzwkEPylEKgMSntjHnxcDfE8K6K43s%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-qxq3TjMcaR0yTnhTiCAW3cZKn_3h_alRdLuw-toS-__UmLK5Vl0qrpNhG4MUSm2Rv_i3HLbIITz4HV7LvFM5OdOHDI19xyPmEBWavKnRC9ficjGqgoyC0P2okS7yAiY0AN5LLMbQWfSc05x5RGfMrJ51BF-L_ygmQMX4EoRsoxYGioQGRckWwLBBjb29BGKH44HPO2VB3aJl_S3fMypjD7TfPOUL-xYsH8QV8xgOgbNg9WdaV6-I1EVgPrFOHoaOdr9UHzzsIAVCCyLBosXZTiaSK3t4E6S4YA1IDzRpklgfi7gtHnm06Rv_t0nGn147SiNZy1F4_C94ayEV2G7RVtoy5UXAMAkpbEHe3dtH-E1pTtaYhSwQ1s2aZ7P_AIILDLYi09Tx6mKWZ-CPEQn0fjDyzB2c9YK5lcsX2_z1x7IoN693Ve8QCsvnpDckzrO2XGbXiy8QP1CRrxQ_iQqQAhISEvsazYHa_FqQCNn8YLfJBBU9SON2Q45NhrB1wj-O7Gw5KRv4mevMtQ0bNjnqgxbEKvkcygSvQoEvAZUsdHwbgs6mSca-4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWlm7qBkAZJfGAY_S3gPMsr-wAsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCLvsrhMnlsT6oAwGqBM0BT9C-rNcaoNmQeJoVJOSQR6UHt05nbhgetxSiu41LXFSqvEZ45OKlCktRCayXAByPH3e7Qv_loPhR20mPxV1RL1MEtTFgqyjds2Gg8dsDLGcJGIxPMdZm0u4nzwdzQ9KOk6VmkXq-gxfUnxo1H8tEK_crBJltdvK__8lSqHKvpYIVTW_JTXIeMZEDQoZnhzJvHQ33sn_I9sUe93EcXnXmYV_J6-_yd_qIyZiJ53cXtdcpTbn3npZu_5Qs9yXswtqRA3mCm5oP1LsVT7lV14AG6fyjgsCJgInHAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1K5SdJvLRPS4qDieFOUSO0XS16HA%26client%3Dca-pub-4788083219224278%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9306d2c90a415f9c6fc9be07af4074737692847b5f0b5f6dd673d3408134d6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 03:36:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Eo_oWxn4oMnALeO3EwFNFxNeNf0CHmMLSMqQT2SjPMqlVsVnRW4ruHBD1y-PklaPJBdb24Rz8VyBoMS9idiPWuZqNApltJoYQiY8UD-gn3SBNWOnKirvExRz79og3gwG-Urij8RucFqBDbp1tg5tkbkHOa3CbcLZXAIGBYoZBsQ_YLYoFrKhxjFoeVQAI7Bm_G-IHsbK2LXu5xCUsRA6TMiMWe2iL7M1BOp0-Pki3aBkjTAkN5nM0c3PsHs"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 67621362
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 0999 3 KB
1 KB 168ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 0999 20 KB
9 KB 161ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:40:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0999 158 KB
49 KB 261ms
116ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 03:36:08 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 454C 2 KB
1 KB 95ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZAAZqAAAYxcKd6kPAA_ZTDIFrVLOuELB81ojIA&u=%7CYh76Dk1zVw5EsuzwkEPylEKgMSntjHnxcDfE8K6K43s%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrSzdAvklCiymh-AmoIDed1ipUT25GSf4krQyHSRYdaHg7S2txPrKTY-qxq3TjMcaR0yTnhTiCAW3cZKn_3h_alRdLuw-toS-__UmLK5Vl0qrpNhG4MUSm2Rv_i3HLbIITz4HV7LvFM5OdOHDI19xyPmEBWavKnRC9ficjGqgoyC0P2okS7yAiY0AN5LLMbQWfSc05x5RGfMrJ51BF-L_ygmQMX4EoRsoxYGioQGRckWwLBBjb29BGKH44HPO2VB3aJl_S3fMypjD7TfPOUL-xYsH8QV8xgOgbNg9WdaV6-I1EVgPrFOHoaOdr9UHzzsIAVCCyLBosXZTiaSK3t4E6S4YA1IDzRpklgfi7gtHnm06Rv_t0nGn147SiNZy1F4_C94ayEV2G7RVtoy5UXAMAkpbEHe3dtH-E1pTtaYhSwQ1s2aZ7P_AIILDLYi09Tx6mKWZ-CPEQn0fjDyzB2c9YK5lcsX2_z1x7IoN693Ve8QCsvnpDckzrO2XGbXiy8QP1CRrxQ_iQqQAhISEvsazYHa_FqQCNn8YLfJBBU9SON2Q45NhrB1wj-O7Gw5KRv4mevMtQ0bNjnqgxbEKvkcygSvQoEvAZUsdHwbgs6mSca-4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWlm7qBkAZJfGAY_S3gPMsr-wAsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCLvsrhMnlsT6oAwGqBM0BT9C-rNcaoNmQeJoVJOSQR6UHt05nbhgetxSiu41LXFSqvEZ45OKlCktRCayXAByPH3e7Qv_loPhR20mPxV1RL1MEtTFgqyjds2Gg8dsDLGcJGIxPMdZm0u4nzwdzQ9KOk6VmkXq-gxfUnxo1H8tEK_crBJltdvK__8lSqHKvpYIVTW_JTXIeMZEDQoZnhzJvHQ33sn_I9sUe93EcXnXmYV_J6-_yd_qIyZiJ53cXtdcpTbn3npZu_5Qs9yXswtqRA3mCm5oP1LsVT7lV14AG6fyjgsCJgInHAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1K5SdJvLRPS4qDieFOUSO0XS16HA%26client%3Dca-pub-4788083219224278%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 25 Feb 2024 03:36:09 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 454C 2 KB
1 KB 95ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 25 Feb 2024 03:36:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 454C 308 B
636 B 95ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 25 Feb 2024 03:36:09 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 454C 293 B
622 B 93ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 25 Feb 2024 03:36:09 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 454C 43 B
348 B 138ms
39ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JNehfIjfzSFgigYcTGxG2Z4cEkWvrCytpV0rafpQupUbnHShHF1N7_kqsBLSvsTrlrPBqJ4bdrbVNcS2TH8_ujtNYoRBznsDVA7a8GyVA0TqJnWmqLSfNTXE65qHFCnRJwtIh3ubCPG0pIKdC9Idr2wNRfvVrzR3-WV1myNFpN83_-OzmzvG2qyOQUZD2jkxvzAeg7mjPZpX9qGInoTOYLZqIl-cjsJ3Sm1H5gKPJmFyLJaiNArDA-Feoa1Sgu79gZRy6Ocq9tJQJ6nxYYCwVTHD4e4Xdiu_UDs8rsBl9ucIP3lViYIk3umukJ1NrzAL_qY2cNPuj0ZffH4jCRNdecgNC-5wZKDpv77N4uTNDrVdnfPnpOysiIN4XN3EyoKLnC13VsDuguPyKG3BZbAVOrAri5i-7tqu5GKr13S0Wvypzg4Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2969738
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 454C 12 KB
5 KB 85ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1150449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyWCO4Hjf8DHBAXCefExgnEx3MJKs%2Bpgl%2FEeL3tt82t83NCfyjNpemGv96XIDfSJ1rKPJTxlmFnherllImn8yxCh3Jl72sofHoa9aJkPUfWsd3yaQfoc2LpnEj%2BpeaWGqbohHL%2F1gPaC981T4onDZuzJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a1698041fa8b713-AMS
expires: Tue, 20 Feb 2024 03:36:09 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 454C 12 KB
6 KB 89ms
34ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 25 Feb 2024 03:36:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 454C 0
128 B 344ms
25ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Eo_oWxn4oMnALeO3EwFNFxNeNf0CHmMLSMqQT2SjPMqlVsVnRW4ruHBD1y-PklaPJBdb24Rz8VyBoMS9idiPWuZqNApltJoYQiY8UD-gn3SBNWOnKirvExRz79og3gwG-Urij8RucFqBDbp1tg5tkbkHOa3CbcLZXAIGBYoZBsQ_YLYoFrKhxjFoeVQAI7Bm_G-IHsbK2LXu5xCUsRA6TMiMWe2iL7M1BOp0-Pki3aBkjTAkN5nM0c3PsHs&sds=2&rev=84953&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 454C 2 KB
1 KB 106ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 25 Feb 2024 03:36:09 GMT

GET
H2 200 19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 454C 15 KB
15 KB 151ms
89ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 01 Dec 2017 12:57:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a2151ba-3b68"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 25 Feb 2024 03:36:09 GMT

GET
H2 200 b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 454C 31 KB
31 KB 93ms
31ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 30 Oct 2017 21:00:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"59f792d7-7a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 25 Feb 2024 03:36:09 GMT

GET
DATA 200
OK truncated
/ Frame 0999 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bc4755dd88c30907af9f9670916ca26c3f60f4456b2cf21d249c25dff00b5b8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET process
share.pluso.ru/ 0
0

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hubtw.hkvisa.net/;hSci-Hub;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hubtw.hkvisa.net/;hSci-Hub;1

43 B
528 B

69ms
65ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hubtw.hkvisa.net/;hSci-Hub;1

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 03:36:10 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 01 Mar 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 03:36:09 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hubtw.hkvisa.net/;hSci-Hub;1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 01 Mar 2022 21:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 173ms
79ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230227&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa870572136d3fcc2d3562d515d35ff53042111a7add99bd98f94c6aec6204e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11182
x-xss-protection: 0

GET 06.png
share.pluso.ru/img/pluso-like/square/medium/ 0
0

GET plus.png
share.pluso.ru/img/ 0
0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0999 0
22 B 121ms
121ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqcC_qBkAZJfGAY_S3gPMsr-wAsme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCLvsrhMnlsT6oAwGqBMoBT9C-rNcaoNmQeJoVJOSQR6UHt05nbhgetxSiu41LXFSqvEZ45OKlCktRCayXAByPH3e7Qv_loPhR20mPxV1RL1MEtTFgqyjds2Gg8dsDLGcJGIxPMdZm0u4nzwdzQ9KOk6VmkXq-gxfUnxo1H8tEK_crBJltdvK__8lSqHKvpYIVTW_JTXIeMZEDQoZnhzJvHQ33sn_I9sUe93EcXnXmYV_J6--wddsaThcV9MiLoXT5cB8Pl4JkSZ4C76dYCuc38cact4KKfj8G8IAG6fyjgsCJgInHAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDc4ODA4MzIxOTIyNDI3OBgA&sigh=FkPtFD0CXjg&uach_m=[UACH]&cid=CAQSGwDUE5ymyovbIXabqfcui_gHJFgjCKyXvbxh7RgB&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 03:36:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 03:36:09 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 0999 0
126 B 281ms
56ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ktLjDci-MLQB9AOdg2ICAgAAAPV_BunOty_0-Sn-BxCnGQBk11PTH_5QdUHxEAAAEgAACg5BUVVCQVFZQkFRRUJBUQ&wp=ZAAZqAAAYxcKd6kPAA_ZTDIFrVLOuELB81ojIA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 161199
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 69 KB
69 KB 120ms
48ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=15718&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F15718%2F230223%2F5839a5b795d34936a3a97c382b1b8337_img_vertical_1.jpg&v=3&w=1200&s=RY_7WuaM7hWPBtUCW9iqkmXN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ade7225dc575a8fc8d486b3afea56ecad57ee7e7cae5989858c467a75c0fa157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30526818
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 70716
expires: Sun, 18 Feb 2024 11:16:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 11 KB
11 KB 172ms
99ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_559760_a%26w%3D600%26h%3D425%26resmode%3Dsharp%26qlt%3D80%26v%3D1&v=3&w=400&s=6B38cdmj8fXe18FDsNbErJPj&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

424e11b87cf0ea020cf56a92c8d2cdb6b04189c131101f1aab820d0f1bc6fcb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10834
expires: Thu, 02 Mar 2023 03:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 8 KB
8 KB 155ms
82ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_560970_a%26w%3D600%26h%3D425%26resmode%3Dsharp%26qlt%3D80%26v%3D1%26exclusive%3D1&v=3&w=400&s=11Bm1wyMh_GqIJHeBSG6qVfm&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

779126f6a53ed7bfb8e2665938cf3510184b21e5e0a82f95c1beed1958aaefd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7888
expires: Thu, 02 Mar 2023 03:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 12 KB
12 KB 157ms
85ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_470330_a%26w%3D600%26h%3D425%26resmode%3Dsharp%26qlt%3D80%26v%3D1%26exclusive%3D1&v=3&w=400&s=irotl9NXA-7O0Cu7E3gsWPu7&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c7dad6d1bc76bcbe6697529e9c72581df4b4bfa9cb0cd3f2f940c9b4b4037edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12508
expires: Thu, 02 Mar 2023 03:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 10 KB
11 KB 186ms
114ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_557557_a%26w%3D600%26h%3D425%26resmode%3Dsharp%26qlt%3D80%26v%3D1%26exclusive%3D1&v=3&w=400&s=Zi8mM7Ci0q6HzIDnaZXztgYS&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9583f52c65a392ca13c606fee2cb70878b563144548bfa51f040380ce35cd313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10582
expires: Thu, 02 Mar 2023 03:36:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 7 KB
8 KB 177ms
105ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_417323_a%26w%3D600%26h%3D425%26resmode%3Dsharp%26qlt%3D80%26v%3D1&v=3&w=400&s=7AJ1hR9oK_iiLTyopzzcZJJq&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b857a8577563ab015fa8361516b713010286674b7dceea7258e0e88486dd80d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1756
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7476
expires: Thu, 02 Mar 2023 04:05:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 18 KB
18 KB 114ms
114ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_611200_a%26w%3D600%26h%3D425%26resmode%3Dsharp%26qlt%3D80%26v%3D1&v=3&w=400&s=E_ZRrLY2o-pRzB-9FTpeC620&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cd158c47df6903e6df3e7331e43be311547b49e4cefaf0ab715b20bccd8bb747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1472
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18406
expires: Thu, 02 Mar 2023 04:00:42 GMT

GET kb.js
kitbit.net/ 0
0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 8 KB
8 KB 31ms
31ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

779126f6a53ed7bfb8e2665938cf3510184b21e5e0a82f95c1beed1958aaefd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7888
expires: Thu, 02 Mar 2023 03:36:09 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 152ms
151ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 03:36:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 69 KB
69 KB 34ms
33ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ade7225dc575a8fc8d486b3afea56ecad57ee7e7cae5989858c467a75c0fa157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30526818
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 70716
expires: Sun, 18 Feb 2024 11:16:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 12 KB
12 KB 32ms
32ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c7dad6d1bc76bcbe6697529e9c72581df4b4bfa9cb0cd3f2f940c9b4b4037edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12508
expires: Thu, 02 Mar 2023 03:36:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 10 KB
11 KB 45ms
31ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9583f52c65a392ca13c606fee2cb70878b563144548bfa51f040380ce35cd313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10582
expires: Thu, 02 Mar 2023 03:36:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 11 KB
11 KB 43ms
30ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

424e11b87cf0ea020cf56a92c8d2cdb6b04189c131101f1aab820d0f1bc6fcb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10834
expires: Thu, 02 Mar 2023 03:36:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 7 KB
8 KB 45ms
32ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b857a8577563ab015fa8361516b713010286674b7dceea7258e0e88486dd80d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1756
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7476
expires: Thu, 02 Mar 2023 04:05:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 454C 18 KB
18 KB 38ms
33ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cd158c47df6903e6df3e7331e43be311547b49e4cefaf0ab715b20bccd8bb747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1472
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18406
expires: Thu, 02 Mar 2023 04:00:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 514D 13 KB
5 KB 47ms
46ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hubtw.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 32220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:39:10 GMT
expires: Thu, 29 Feb 2024 18:39:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4DC8 783 B
1 KB 190ms
60ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fff4ab2a2155135871b9a36bc3326e7b66f56bf871b4158140f00da3ef125d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a0qXyt4EKvSE5EqOcTLPOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hubtw.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-a0qXyt4EKvSE5EqOcTLPOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 03:36:10 GMT
expires: Thu, 02 Mar 2023 03:36:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame 514D 36 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 08:05:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 514D 0
10 B 46ms
46ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u2GQOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:36:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4DC8 0
0 78ms
78ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230227&jk=2597787460747545&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 454C 0
127 B 25ms
25ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 03:36:10 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0999 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspaELlcVK7aIEv9qASNJBi6OufhuvspJUMqUvSsyCd-6H42YOhaIf-EndUGThQhHLNaQoNbbVCFuSE1TIMZZNZVJ8&sig=Cg0ArKJSzNEmvRQ-4lNCEAE&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677728168534&rpt=567&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 03:36:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
81ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230227&jk=2597787460747545&bg=!Y2ClYDTNAAbK-VRH6vk7ADkAdvg8Wh2d4u0JpYd-BHEI_NrKvcDsQRgI0QrxzdXikMfTOy2THXRHggxVIC5da0epEjh0oow4syUCAAAAc1IAAAADaAEHmQK3f7Jb4DgPiSNCu32kKi9m9CunPgUjrpuwkncZEA0dOI3haBx3qcU8Ng51yHb8lVO4u4gRFVl3CKn26hyPE-3gZJ_Dk5CmfZYLkCviKeq8e98ydGqBhYt-kuK8ez-Tk-PRENlw4_TP8U7E_gXlgAmxqUFjFM6dIABegZRjuxtK1et3LkHWIJJ_P6i3RIY6fBakpIKsmnm5tP1tM1vBvulWEZ2MxOktEKO5fFlx_fHmhuFbtP9raV4AjwDPFZta5DrpBXMy8NskAjijAOG11CnX6QnTbW8l7kvAcWeud0sJSTFZNSnQGVhS2ButzztlXoKiots6RxAmidk3FP3u_rDzJ5J74XkQd0ul5uQ0oGyPcDW-QiTbtAMCkH28YX8aYo_1EO9-IkU4_XbHhMUakLdKTcg3jVXERqdkviEfjrN3DQbkvE3EjdMe_C3gT0CJTC1QcAcaIwRXvjBiaRIxwsIsgJ0WAVBpP_N6fdSFxRB0cPV8m63yxA2Dn00sS4O9mdaAqJU4AevGZxn8VwUkXSeHklFNMo4NgOsLB9xUJDSWl7pI2FhRyuEQEn80Dp35hp7l0dp7ICKgiZNaICi8hDvMau2SCrsPeFKBSO-7KEx7Nu1Eq2Ykn26QBV6Tio_Bn9VxPvdDryOsaJUmunfwoge5KRNRB4zVKBkbHdBKsCZwxTYcgY5QS2eQvQFKErueNwI_dlImFzBRPPYOUqR1r5I5Nvu-on0bb9zu_81wXrM0eYakO_033DmuzGdbYzA4s94D2V0czSv6mBHyKleMPFAxHaEOBXMLfoyN-zd4n6IdUN5acpvb4q8ByX6Yw43XFRVSISPxhdFUCRgEb_qX41HDky2w7yYdlxXJURC3IgLztZ_Gbdob15Yf1Xhr83WgWbjof0F2y6Fv4dAkmgZeuPfWaJOdWIXgBBo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hubtw.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.sci-hub.shop
URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Domain: share.pluso.ru
URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=3oRVILcUeEDqundefinedZQV&first=1

Domain: share.pluso.ru
URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hubtw.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=6yvT6I8kck1ThnAs

Domain: share.pluso.ru
URL: https://share.pluso.ru/img/pluso-like/square/medium/06.png

Domain: share.pluso.ru
URL: https://share.pluso.ru/img/plus.png

Domain: kitbit.net
URL: https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hkvisa.net/	1970-01-20 19:23:44	Name: __gads Value: ID=5189ce3ae6f3c5df-225614e138dd00fd:T=1677728168:RT=1677728168:S=ALNI_MbQe7NtUOH7Xc5-jMb5IPo0kqJ0EA
.hkvisa.net/	1970-01-20 19:23:44	Name: __gpi Value: UID=00000bbd87cd079f:T=1677728168:RT=1677728168:S=ALNI_MZ7UGTNVwh3jhbA3xZBAsjAG-1n4w

sci-hubtw.hkvisa.net Open in urlscan Pro 2a06:98c1:3121::c Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

84 Requests

92 %HTTPS

88 %IPv6

14 Domains

20 Subdomains

18 IPs

5 Countries

1316 kBTransfer

2403 kBSize

5 Cookies

4 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sci-hubtw.hkvisa.net
2a06:98c1:3121::c Malicious Activity!

Screenshot
Live screenshot

Full Image

84
Requests

92 %
HTTPS

88 %
IPv6

14
Domains

20
Subdomains

18
IPs

5
Countries

1316 kB
Transfer

2403 kB
Size

5
Cookies

84 HTTP transactions
1 data transactions