sci-hub.hkvisa.net Open in urlscan Pro
185.178.208.158 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw/
Effective URL:
https://sci-hub.hkvisa.net/
Submission: On October 18 via api (October 18th 2021, 4:53:04 am UTC) from VN — Scanned from DE

Summary HTTP 197 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 30 domains to perform 197 HTTP transactions. The main IP is 185.178.208.158, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is sci-hub.hkvisa.net.
TLS certificate: Issued by R3 on September 16th 2021. Valid for: 3 months.

This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.178.208.151 185.178.208.151	57724 (DDOS-GUARD) (DDOS-GUARD)
1	185.178.208.158 185.178.208.158	57724 (DDOS-GUARD) (DDOS-GUARD)
21	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	18.184.251.131 18.184.251.131	16509 (AMAZON-02) (AMAZON-02)
16	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:967a:cdf5:1598:ad44	16509 (AMAZON-02) (AMAZON-02)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
4	31.131.252.91 31.131.252.91	49505 (SELECTEL) (SELECTEL)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3	31.131.252.94 31.131.252.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
3	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:303... 2606:4700:3036::6815:15dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
7 10	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 2	185.15.175.137 185.15.175.137	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2 2	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
197	24

1 185.178.208.151 (Russian Federation) 1 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.178.208.158 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

sci-hub.hkvisa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.251.131 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-251-131.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:967a:cdf5:1598:ad44 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.131.252.91 (Russian Federation)

ASN49505 (SELECTEL, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.131.252.94 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

kitbit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.146 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)

p1.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:15dc (United States)

ASN13335 (CLOUDFLARENET, US)

optinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.15.175.145 (Russian Federation) 7 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.137 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

fnc.rt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.139.144 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	884 KB
39	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	233 KB
21	sci-hub.shop img.sci-hub.shop	582 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	233 KB
13	digitaltarget.ru 7 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	26 KB
11	google.com 4 redirects adservice.google.com www.google.com	2 KB
7	googletagservices.com www.googletagservices.com	260 KB
6	googleapis.com fonts.googleapis.com	5 KB
4	pluso.ru share.pluso.ru	27 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	addthis.com 4 redirects e.dlx.addthis.com	3 KB
3	kitbit.net kitbit.net	2 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com	1 KB
3	quantserve.com cms.quantserve.com	1 KB
3	google.de adservice.google.de	1 KB
2	altergeo.ru 2 redirects cm.p.altergeo.ru	999 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	566 B
2	rt.ru 1 redirects fnc.rt.ru	986 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	agkn.com 2 redirects d.agkn.com	1 KB
1	rktch.com ut9.rktch.com	88 B
1	optinder.com optinder.com	543 B
1	ntvk1.ru 1 redirects p1.ntvk1.ru	381 B
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	335 B
1	innovid.com ag.innovid.com	296 B
1	googleadservices.com partner.googleadservices.com	655 B
1	hkvisa.net sci-hub.hkvisa.net	7 KB
1	scihubtw.tw 1 redirects o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw	220 B
197	30

	Domain	Requested by
49	tpc.googlesyndication.com	googleads.g.doubleclick.net sci-hub.hkvisa.net tpc.googlesyndication.com pagead2.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	sci-hub.hkvisa.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	img.sci-hub.shop	sci-hub.hkvisa.net
16	cm.g.doubleclick.net	googleads.g.doubleclick.net
10	dmg.digitaltarget.ru	7 redirects
9	www.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
8	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
4	share.pluso.ru	img.sci-hub.shop
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
4	e.dlx.addthis.com	4 redirects
3	tag.digitaltarget.ru	kitbit.net tag.digitaltarget.ru
3	kitbit.net	img.sci-hub.shop kitbit.net
3	pixel.rubiconproject.com	3 redirects
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	cms.quantserve.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	cm.p.altergeo.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	fnc.rt.ru	1 redirects
2	counter.yadro.ru	1 redirects
2	d.agkn.com	2 redirects
1	ut9.rktch.com
1	optinder.com
1	p1.ntvk1.ru	1 redirects
1	googlecm.hit.gemius.pl	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hub.hkvisa.net
1	o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw	1 redirects
197	35

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sci-hub.hkvisa.net R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2021-06-21` - `2022-06-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.pluso.ru R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.kitbit.net Let's Encrypt Authority X3	`2018-11-05` - `2019-02-03`	3 months	crt.sh
tag.digitaltarget.ru R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
ut9.rktch.com R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
fnc.rt.ru Thawte RSA CA 2018	`2020-12-25` - `2022-01-02`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://sci-hub.hkvisa.net/
Frame ID: 0C2C54BC1CA37C6E9D56DFF8FFEAA161
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 4CD153788EE8B7CB2FEFFBCAA21F169B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1634532776&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776027&bpp=3&bdt=790&idt=88&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=5448744265777&frm=20&pv=2&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oiDQxS0dlE&p=https%3A//sci-hub.hkvisa.net&dtd=103
Frame ID: 64EA4E012422867B2B132D628D0B2921
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=2498016108&adf=2987723014&pi=t.ma~as.4859960692&w=1001&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&psa=0&format=1001x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776030&bpp=1&bdt=793&idt=106&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vW5RTrGHG9&p=https%3A//sci-hub.hkvisa.net&dtd=112
Frame ID: FFBAF4E73EF8DA01141506049CCF1F2C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1634532776&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776041&bpp=1&bdt=804&idt=105&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1001x280&nras=1&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115
Frame ID: 7E96566AF98A534EC59F12FF955CC875
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 28A5E53D275240C166334B17220DADD6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 38CCC5C204C0F102631C6BF1D89D8944
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=11&bdt=1545&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0&nras=2&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=bFxZhfnQHI&p=https%3A//sci-hub.hkvisa.net&dtd=10
Frame ID: FA1B7834B16ADAA041806CF81C9FA4A5
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12
Frame ID: 721A3DEC0E275FAD2986516260FF2A5B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14
Frame ID: 558A929F2A91A42ABEEB729D08F7E0B5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1440028034&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=0&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=CSfxwJjwqq&p=https%3A//sci-hub.hkvisa.net&dtd=16
Frame ID: 08DFA504345E7786A2F54D6314C7C3A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3FE3CF3D29249C182343CCC7E9530158
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1C96D68C9BCB9C22FFC42DD5BA9A09FF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1
Frame ID: 30989B5723C995A90579480070ACF4D9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html
Frame ID: CBB49A9BD11782473A0C8AC71401BD19
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 47AE3D3EF363E21DB9B12666B5B1D248
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3674A3D651990FE80AC95C44BE926BF1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FD0E06A7E413E6780B5BCA2480ED1BCF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 8C02ED0DE4A7787D501E2520AE6D1729
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 0CE6D18C3EC12FFB60028C8FB88D1AA5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2F5CA71BBF2616F25B0F848AF8F3A9A
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EAE606178A0B48B2E7F4E1DC3E9AD5D8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F31E673C182EC7C0E1A4A467A13E9A6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 4C697E13CAB6927DB1E45EB1A448D033
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: DA5785702BD79259867C9EBFE328B8DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 75530F588E33D83A2E006405E215AD96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DB6ABA89905D47336C799E96C2FAB71E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD4ED71BACCF133D83BA03C829BD80AB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sci-Hub

Page URL History Show full URLs

https://o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

197
Requests

95 %
HTTPS

39 %
IPv6

30
Domains

35
Subdomains

24
IPs

5
Countries

2261 kB
Transfer

4620 kB
Size

37
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 154

https://d.agkn.com/pixel/2175/?google_gid=CAESELFXls8w18UgS6No3BmzPf0&google_cver=1&google_push=AYg5qPJ0Yd1jRKOxLul9vJ2VWx0wzei9CFafra23ndRHMi0-Jutpqdw04AhNIs_2KGvixy11wtiFDHh8J7G1j9IpMSIyQ6qERUM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ0Yd1jRKOxLul9vJ2VWx0wzei9CFafra23ndRHMi0-Jutpqdw04AhNIs_2KGvixy11wtiFDHh8J7G1j9IpMSIyQ6qERUM&google_hm=Q0FFU0VMRlhsczh3MThVZ1M2Tm8zQm16UGYw

Request Chain 155

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJjDk77NcJnx5NEvmpoHGWUs3nom50YhbFIs8Ch6p5lPMNfea7wz1DBtALY_Hl1qze3uxbWGe4NgTHNLldfvm-fl_5L01U&google_gid=CAESEDvtDW6tb94NrV1mRRaI4-o&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKn7s4sGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKakRrNzdOY0pueDVORXZtcG9IR1dVczNub201MFloYkZJczhDaDZwNWxQTU5mZWE3d3oxREJ0QUxZX0hsMXF6ZTN1eGJXR2U0TmdUSE5MbGRmdm0tZmxfNUwwMVU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUkx5VEpueWx1ZzUzUl9pSE13RHl0M1F3SHktNWxmZjEyZTEtV21MVUtrSQ==&google_push

Request Chain 156

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ__btNdYYdfyUYV3ELhIE-gvMfxh2BqGCoa_pPrsFy2Z7I71Ho3emL6JZs_ecZFrJfIOaVgo-UlhKSeZgDae0lMErXZXA&google_gid=CAESEINtmNQsAFckb0t5PuoCNdY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ__btNdYYdfyUYV3ELhIE-gvMfxh2BqGCoa_pPrsFy2Z7I71Ho3emL6JZs_ecZFrJfIOaVgo-UlhKSeZgDae0lMErXZXA&google_gid=CAESEINtmNQsAFckb0t5PuoCNdY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDAxNjQyNjk5NTQ2OA%3D%3D&google_push=AYg5qPJ__btNdYYdfyUYV3ELhIE-gvMfxh2BqGCoa_pPrsFy2Z7I71Ho3emL6JZs_ecZFrJfIOaVgo-UlhKSeZgDae0lMErXZXA

Request Chain 157

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCFBfIP_EXuquikhDbGwo8&google_cver=1&google_push=AYg5qPKbx4fmWgASvlK4LfBFSMjouxaCSpcubuXld1x-7fcDVmA9Ve7k99K52IKGD3MdRKNbDNZWraNDbhuaR-5KRdCMbGcMxOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUEtRC01UlpE&google_push=AYg5qPKbx4fmWgASvlK4LfBFSMjouxaCSpcubuXld1x-7fcDVmA9Ve7k99K52IKGD3MdRKNbDNZWraNDbhuaR-5KRdCMbGcMxOw

Request Chain 162

https://d.agkn.com/pixel/2175/?google_gid=CAESELFXls8w18UgS6No3BmzPf0&google_cver=1&google_push=AYg5qPIbINV9JTua9pSaj_Ye0npoiw96wx3K6t6EbIxLkmY7yq7W6CYp6z4ouNSTJnbUXknDKFbf4uwazcp5kNtdxM-WctrqMpuu1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIbINV9JTua9pSaj_Ye0npoiw96wx3K6t6EbIxLkmY7yq7W6CYp6z4ouNSTJnbUXknDKFbf4uwazcp5kNtdxM-WctrqMpuu1g&google_hm=Q0FFU0VMRlhsczh3MThVZ1M2Tm8zQm16UGYw

Request Chain 163

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRPcuyZrbSwOh-uAVQz0RjjKftVEr8RyzDZ1GklSODGJYtshdgd3ZWjAh_kScp1sqb_GLTFihIi9YNefbfa8yPj5-cISaO&google_gid=CAESEINtmNQsAFckb0t5PuoCNdY&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRPcuyZrbSwOh-uAVQz0RjjKftVEr8RyzDZ1GklSODGJYtshdgd3ZWjAh_kScp1sqb_GLTFihIi9YNefbfa8yPj5-cISaO&google_gid=CAESEINtmNQsAFckb0t5PuoCNdY&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDA4OTUxMDA2NzUwNA%3D%3D&google_push=AYg5qPKRPcuyZrbSwOh-uAVQz0RjjKftVEr8RyzDZ1GklSODGJYtshdgd3ZWjAh_kScp1sqb_GLTFihIi9YNefbfa8yPj5-cISaO

Request Chain 164

https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKKg HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKKg&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKKg&google_hm=NVdsLs0oyKMGaSrrVYHk6g==

Request Chain 165

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGWQixmc_GpZACmhJr8JU4s&google_cver=1&google_push=AYg5qPI6i5Vp2jhmoAQxVh6_CCXbLTCqQL9gt3wCW1zmenEQBGN9iQXlI35TLIusK4jUJJEaadlwlaG2-JZO5zL1aBT-apzjiWUcDg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGWQixmc_GpZACmhJr8JU4s&google_cver=1&google_push=AYg5qPI6i5Vp2jhmoAQxVh6_CCXbLTCqQL9gt3wCW1zmenEQBGN9iQXlI35TLIusK4jUJJEaadlwlaG2-JZO5zL1aBT-apzjiWUcDg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vd9s9QiGRLWma6vGEQNA3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6i5Vp2jhmoAQxVh6_CCXbLTCqQL9gt3wCW1zmenEQBGN9iQXlI35TLIusK4jUJJEaadlwlaG2-JZO5zL1aBT-apzjiWUcDg

Request Chain 166

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCFBfIP_EXuquikhDbGwo8&google_cver=1&google_push=AYg5qPImAr5crLwE750jEqRoZjfMGBq2uBwMmoe28Cwu_GJUC12vwSTwCKXNZ1QJjVZF7q4fnet3zCfway26nMWmtA9E1iQ_ejDcEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUktRi1MQ0hG&google_push=AYg5qPImAr5crLwE750jEqRoZjfMGBq2uBwMmoe28Cwu_GJUC12vwSTwCKXNZ1QJjVZF7q4fnet3zCfway26nMWmtA9E1iQ_ejDcEA

Request Chain 167

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1

Request Chain 171

https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB&google_hm=NVdsLs0oyKMGaSrrVYHk6g==

Request Chain 172

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGWQixmc_GpZACmhJr8JU4s&google_cver=1&google_push=AYg5qPInbpqR7ThdSyFQKjDC5hhkXxq21EoX0Wx8Ex-ReS-PVGbjeoCnBo4iwyc--9sFONeJ4rR_L4RJm0lTr2Nlgr66v5PkD02P HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGWQixmc_GpZACmhJr8JU4s&google_cver=1&google_push=AYg5qPInbpqR7ThdSyFQKjDC5hhkXxq21EoX0Wx8Ex-ReS-PVGbjeoCnBo4iwyc--9sFONeJ4rR_L4RJm0lTr2Nlgr66v5PkD02P&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=scSy9CkPQu2Bz4c3mqw-8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPInbpqR7ThdSyFQKjDC5hhkXxq21EoX0Wx8Ex-ReS-PVGbjeoCnBo4iwyc--9sFONeJ4rR_L4RJm0lTr2Nlgr66v5PkD02P

Request Chain 173

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCFBfIP_EXuquikhDbGwo8&google_cver=1&google_push=AYg5qPKikCGj8-DhUteYSQHDVBrLtyGzPpND3ecrb-ZR59kul96Xd6XUaHUmfngoP64Md-aibcODcd8dszZT7Mo06Ruesd3sLaeK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWVctMVgtOTZOVw==&google_push=AYg5qPKikCGj8-DhUteYSQHDVBrLtyGzPpND3ecrb-ZR59kul96Xd6XUaHUmfngoP64Md-aibcODcd8dszZT7Mo06Ruesd3sLaeK

Request Chain 174

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh

Request Chain 175

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJcuvK_5BFCmI1vcu0ry3M4&google_cver=1&google_push=AYg5qPKRil6kKp1EzNakoi4dcUNai20bwv07l-XQmt4RRbitm8uAVETu6oiBmc7niyUx1U2ed-za2yicjTJ3rac8CUQB3NgOcvkcOQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRil6kKp1EzNakoi4dcUNai20bwv07l-XQmt4RRbitm8uAVETu6oiBmc7niyUx1U2ed-za2yicjTJ3rac8CUQB3NgOcvkcOQ&google_hm=

Request Chain 179

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

Request Chain 193

https://p1.ntvk1.ru/nps HTTP 302
https://optinder.com/cro

Request Chain 200

https://dmg.digitaltarget.ru/1/7250/i/i?i=45293897039323.429455627928358&c=tg:adcm_pc HTTP 302
https://dmg.digitaltarget.ru/1/7250/i/i?i=45293897039323.429455627928358&c=tg:adcm_pc&q=scc

Request Chain 201

https://dmg.digitaltarget.ru/1/6534/i/i?i=45293897039323.685840680095999&c=tg:adcm_pc HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=45293897039323.685840680095999&c=tg:adcm_pc HTTP 307
https://fnc.rt.ru/1/6532/i/i?i=5flIDZi4kbd9VW57Woy.&c=tg:rds_6534 HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=5flIDZi4kbd9VW57Woy.&c=tg:rds_6534&q=scc

Request Chain 202

https://dmg.digitaltarget.ru/1/1086/i/i?i=45293897039323.377244786797637&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:ducMml9Hopf5gMbetHhoI1BG.xps:xpsi6KUQTINyj3lEJFKjDvpJw.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=45293897039323.377244786797637&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:ducMml9Hopf5gMbetHhoI1BG.xps:xpsi6KUQTINyj3lEJFKjDvpJw.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D%26sds%3D1086 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D%26sds%3D1086&bounce=1&random=2549607468 HTTP 302
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=HxsaYIc77m8zlQa07hsI7e&sds=1086

Request Chain 203

https://dmg.digitaltarget.ru/1/1086/i/i?i=45293897039323.63873156602812&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:ducMml9Hopf5gMbetHhoI1BG.xps:xpsi6KUQTINyj3lEJFKjDvpJw.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=45293897039323.63873156602812&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:ducMml9Hopf5gMbetHhoI1BG.xps:xpsi6KUQTINyj3lEJFKjDvpJw.dn:sci_hub__hkvisa__net.dn:hkvisa__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086 HTTP 302
https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086&cc=1 HTTP 302
https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMNfpUJZkRQcW9mUIf58BITQ==&c=pc:&i=19393d8f&rds=1086

197 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sci-hub.hkvisa.net/
Redirect Chain

https://o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw/
https://sci-hub.hkvisa.net/

27 KB
7 KB

617ms
199ms

Document
text/html

185.178.208.158
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.158 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

82ac8f104261c3157de398ab098d3408aae49c5585388a206f3537f57a10ba20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:method: GET
:authority: sci-hub.hkvisa.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1=fscrpHPFgvvWAK1RruHB; Domain=.hkvisa.net; HttpOnly; Path=/; Expires=Tue, 18-Oct-2022 04:52:55 GMT
date: Mon, 18 Oct 2021 04:52:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
expires: Mon, 18 Oct 2021 16:52:55 GMT
cache-control: max-age=43200 no-cache
x-cache: MISS MISS
content-encoding: gzip

Redirect headers

server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1=k0m5jFzPHT9ZAjlgiOrH; Domain=.scihubtw.tw; HttpOnly; Path=/; Expires=Tue, 18-Oct-2022 04:52:54 GMT
date: Mon, 18 Oct 2021 04:52:54 GMT
content-type: text/html
location: https://sci-hub.hkvisa.net/
content-encoding: br
vary: Accept-Encoding

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 586ms
16ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
server: cloudflare
etag: W/"5c00bb7c-152b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJYHI5jJjSKBjjmK49ySpgKCYcx%2B%2BSgqGciT9LF%2BmV%2BWycCc506od28067jPAqA5YHdoxcbmou3PvLe3FcqZV0mHOV5ElCQyC993XaqmcgnywILhclQs1YUj8jWIpmEe6KgAST3gbgKjcsTroNQv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69ff28f8ea5f4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 597ms
27ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
server: cloudflare
etag: W/"5c13665c-3dee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFotU62EdmdjZeoPBqmfAlrs5n2fEvCLu71MzAKy%2BCgQLr0gOdJKYPxcidtL7S0SI5USAaTV66jSaF7%2BwieoVX2hFP91fe9kpd4%2Bm0t0%2FXT5kU7E2eK5QY%2Fk71mux7wYOF2lgKFE0p1ETQf15Mjz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69ff28f8ea604e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
23 KB 593ms
23ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7034
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
server: cloudflare
etag: W/"5c00bb8c-1798d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZ1cQyrEM8jYhWE4%2BVjeHv7UcdBibb5JgDVRs1xevn1qJuspS%2BhdMCdA9DDBk3kdfwaRZ73zGd%2F%2Bv8lFOEpShlvIu3f2YQ3Flfl0F03lTgyodUPQwXqOQKoGJk9J3zooztwjELp5TGNoPayp6sCU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69ff28f8ea624e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 16ms
15ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83813
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxtxCcBsLYYT6gxR17KU5KI323MvalHKkqzi5TN3eiKfnUBTORxO9IdiGDJjfXEqRy%2BmgeHsbxSi0d98tBQhYBE8%2BRWBBrY0AAeqamj81cpJxdwSMsrkOaQYwSTx1QV52mbV0vGtYAJFTksXeULx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f92abb4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 14ms
14ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83772
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cM66NfdJ%2BaV8VXoZZ3tPfdCUayhiiTMQcg46uwHkCqEZFFNqHlMHmI6tkfTtd8xZbeuggljMIf4oOq8guxh8gh%2BRyz5E%2BjP8p5UJ85ItubBMrJ9ak%2FmSrNpFTpfQnBaOqMK9B2EKNuX32kDb3tm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f92ac24e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 97ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae4703be2710fe5cb8f7af6f60870f819ff7a0af3252835506257cba0912dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51494
x-xss-protection: 0
server: cafe
etag: 16252469166561453521
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Oct 2021 04:52:55 GMT

GET
H2 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 13ms
13ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83793
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJUE6mhy63XoxS859KBJLa5KlsNhTY5x5PS5QTC5eEXpyKY4oFPgRprAvf0LfRsL05khdKRALFJk5SwxI99lffPX8mQ%2FZI8GJqK2uPvOMehWBOcGbUIRtMtwTUJZd8VUDQ3Z37LmnK6h9AgB5UHz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95afe4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 41ms
40ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83854
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uddAohSmU5AQ7AcMQmEHWQrvNtNhF5RacQEl24bLn0g%2FQ4TJz4u%2BUvNZgkfyTMUk7ptvx1%2BddZln3f5yQZZfupBa%2Bw%2F48TCcVa%2B2CKEsXPdAQEFtPB8ECQa5%2BZCH8DFoFzCEaNaISFkcaN2HPspd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b044e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 29ms
28ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ni5z2gTj5WUOcLJiDXfOrX0GzVz%2B%2FjqF9kGuDtMOwOPk2NNkDunmk2uLDrYi9uhZaIkv5Wj2HiVnuPPramDFMSocFpnDFLKuWkQaH78Mnd7vZzo0Pp2DqGhmN8l%2B28LfkO3Udl%2BtMGrYHPsNq3z8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b064e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 35ms
33ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuylz8p3%2BHpQtcjj5MAxYHVxipguaD1Z8lcWL1%2FYKtIyi2w1rfZhIQZNcRqcSz2ZqrAlnMIQoZ8Srxje0lLWQziCt2Qj4cWMbE8b3xRzZ16CqVJtNRoOCCKX0OM%2FS%2FGSCAjCN7YHIl8gfrMkOot9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b074e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 40ms
38ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxUXYcJkiBPiXkBnbIzYcyIw73xieeaQc0rxrLs9M4RaMkik8%2Bk1QNo%2FslAuWVZTsw189vbO9eg%2BVEyze8oE19T%2B9iPfx8ADoJgegpUp7aSCPQtr8lxbMlWZFlnPb1P%2BQNbtz3fSkMVKq7rTQLrg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b094e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
1 KB 48ms
46ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBR%2BOS3Gph841MJI2oyUK%2FrC2EAKqQxWYWypnzgamUljtocwavhJFy10JKZFFwXbYZeELYpXX%2FY5TuUO3adJXNS06v6iOhcFC1ddoGALSwRaFfPJieSZZ8UE2hE%2BnB7RW93fxuVY%2FYWQnkNcMpEW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b0a4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 50ms
48ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nu3GyjpNtRojzuEjGO5s5J%2F57rbTy3HDZYagrSKQOICsDvToHBRxKzuqe5sxMM0iZvYUtf8lh9i3xcEFmzd8KkpP15eYt4u8lmlXR7U2D6YhjXmN9iEoB%2F%2B7jByq4EYR0tB3Flt2DVOkVCOaPbQS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b0c4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 38ms
36ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul87fIQ1s1RY0b63lJa45A2R5XqDgLH8hcco3nPRGvO%2Fkmrv0PInnDOJzEqHvHq2qtqX95h2MAo5qCx7fWkDhe8x5P63B9%2F8fR1f9rWcC%2FFNlGJA4gleoX5T6thWkWjx%2BkKPFCYZC3WdkzdUTviO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b0d4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 41ms
39ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Qyz%2BA%2FjwBkC9E5OzPhWYh4GQnwT8yK0FIE8FUmyERvjsCwVb%2BP3gvTHgZas9vQzrG9FsrTJM45QS0v8%2BcbhDULnSU%2FmJbgyued%2ByDhvLL343%2FYpaDcUadzIY92BMcf%2BIFDLPNTGvW5dLUpJoaOr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b0e4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 38ms
36ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6877
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnSTcVhTseDLPzEzFx4g34zp4sDz8XqTMXF1LBFgUXRsMhLa0DovGY0toMYa7u5ChnTdpvnAYK5wPSQp9X5JB7B%2Be6iwDVNLJkfh77a%2Bzw%2BgH7QkbNKeZ1AbG7Bu9WnLnQvJ7u%2BBTbSCOQlQpq0G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b0f4e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
50 KB 43ms
41ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83816
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceEjjdd9iCTQM0n1GfM%2F9cXH6ZSFb%2BLP7ipjDulEQRRf%2BoAllZWy3pgKZHCfpquO1A%2F0tCkXlE3esKC0jSDysRQMYqEw%2BhQ%2FUDY5fyIG5TrIlypj7cruX8wF3YukXirJD4RGYnZliPpGijrTkd1Q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b124e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 48ms
46ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRUvYMDOejNKCTyDX%2FAD4VDgd8DLuBuzE7eIBLHOvI%2BIV95QOeLbvq3wFdjo%2FVH7l1Xr23L8tEvKrq4jT3%2FVvQRPUqmBB%2FQYbpNCinz0ji7ETaqfsM9O0zxlGWhcyF6I20ARJbPUMfPXCInqf4di"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b144e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 45ms
43ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3hx%2FP3IcN0XrnCR1TRg4rl8HJrvX71CmzVB3Ghjw7%2FOQuFrBypcmrsUxu66s159mPmtl6YC%2FalR6HJcPd17K6tnm3o5NWjsfQCB05xN5e64iu4X73a%2BbvHus6FOsj6dTrZBr3su0FzvACXzhpYQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b154e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 48ms
47ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83816
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwxHI0goqGYq5xfJi9APd%2BpG7cQwY2hBRUfuKNCqzI8QpoB8BlQ7G8d0Zia6UB7pDF7EpVU7YMMnvWulVQF%2FoG49PEj0dVgjKyDNUWIS%2FXaz%2F5vG4O%2FzKPrKhTyma1pv0ioT5Qq0Q7VKCrc2SNbW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b164e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 49ms
48ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrHyEWhyzFS1liIOUxfDotxScGFHQkgo0AZskJ9MvTx8ilPlONjdte4FFNdPA5%2B9EsWax0aLiwVWjRGQxFI%2FIOsiqzwL%2BWhAJvIVu72p%2Fh0gvWLE0gphRz%2B24oakIQAUiNbm7TgurdiWcWQIv6ra"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69ff28f95b184e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H2 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 19ms
19ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
server: cloudflare
etag: W/"5c00bef8-a5cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCiNyNGX%2BhYkc4LjLsQpP5Qa%2Bvpo5DB0gCgMXfQVG%2BqIq4g1C55CIUGvdCj8CXslvEkGAU10hdO3Ux04zUNIFBztMFrdNrMD8HVg0R3F%2BKfwAxcOZcx8m7SDKqpQ1Uwf13zTISV4sVIdx594nWtd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69ff28f98b494e14-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/ 273 KB
98 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31063146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c346e91c1a910088cb31d4e4c9f4669739b1e6484b59b9ebbea0777309c9792e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99877
x-xss-protection: 0
server: cafe
etag: 10384798164351317558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 4CD1 10 KB
5 KB 45ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211013/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 17 Oct 2021 21:22:20 GMT
expires: Sun, 31 Oct 2021 21:22:20 GMT
content-type: text/html; charset=UTF-8
etag: 9069739545958607985
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4691
x-xss-protection: 0
age: 27036
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
655 B 177ms
37ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31063146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

64421d25a5587dc97889a1d23b45d0b9528aa87173250489309a658e20a36bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 147ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 145ms
34ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 64EA 83 KB
29 KB 518ms
517ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1634532776&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776027&bpp=3&bdt=790&idt=88&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=5448744265777&frm=20&pv=2&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oiDQxS0dlE&p=https%3A//sci-hub.hkvisa.net&dtd=103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79944f08a4f7106be9c4738648d0b5d3d0cab091cdd60849928ac9d5d99ee1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1634532776&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776027&bpp=3&bdt=790&idt=88&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=5448744265777&frm=20&pv=2&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oiDQxS0dlE&p=https%3A//sci-hub.hkvisa.net&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 18 Oct 2021 04:52:56 GMT
server: cafe
content-length: 29270
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 18-Oct-2021 05:07:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 18 Oct 2021 04:52:56 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFBA 92 KB
28 KB 351ms
351ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=2498016108&adf=2987723014&pi=t.ma~as.4859960692&w=1001&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&psa=0&format=1001x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776030&bpp=1&bdt=793&idt=106&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vW5RTrGHG9&p=https%3A//sci-hub.hkvisa.net&dtd=112

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8acf7e17996e24c7ecf0ce80241d34b2e4dd735daaab3ab8567bf1351bc35874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=2498016108&adf=2987723014&pi=t.ma~as.4859960692&w=1001&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&psa=0&format=1001x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776030&bpp=1&bdt=793&idt=106&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vW5RTrGHG9&p=https%3A//sci-hub.hkvisa.net&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 18 Oct 2021 04:52:56 GMT
server: cafe
content-length: 28403
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 18-Oct-2021 05:07:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 18 Oct 2021 04:52:56 GMT
cache-control: private

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 64ms
64ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E96 286 KB
71 KB 546ms
546ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1634532776&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776041&bpp=1&bdt=804&idt=105&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1001x280&nras=1&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32493126692eb974c168fa7b25fafadac136c39ca083cf4004a02f651e784039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1634532776&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776041&bpp=1&bdt=804&idt=105&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1001x280&nras=1&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 18 Oct 2021 04:52:56 GMT
server: cafe
content-length: 71990
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 18-Oct-2021 05:07:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 18 Oct 2021 04:52:56 GMT
cache-control: private

GET
H2 200 15152496432298391245
tpc.googlesyndication.com/daca_images/simgad/ Frame FFBA 180 KB
180 KB 55ms
17ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15152496432298391245

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=2498016108&adf=2987723014&pi=t.ma~as.4859960692&w=1001&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&psa=0&format=1001x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776030&bpp=1&bdt=793&idt=106&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vW5RTrGHG9&p=https%3A//sci-hub.hkvisa.net&dtd=112

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3af69bcb5355b495a3dc91c30f4dc6bf794ec382afa7ada72e5aefc360ac2191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 23:00:16 GMT
x-content-type-options: nosniff
age: 21160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 184302
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 06:15:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 23:00:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame FFBA 18 KB
8 KB 48ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:03:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame FFBA 3 KB
1 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:22:23 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame FFBA 67 B
196 B 49ms
14ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Oct 2021 17:58:30 GMT
x-content-type-options: nosniff
server: cafe
age: 39266
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 18 Oct 2021 17:58:30 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame FFBA 0
0 35ms
35ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CghdfqP1sYefhCZfa7_UPrqiakA_jy7atZY3endSuDt-k9P0IEAEg86rhe2CVuqyCtAegAfnwyfkDyAECqQJV0ffLWxG3PqgDAcgDyQSqBNUBT9AwFCfgt9DChWfRnT7GqjslfjepuJju_CnEK-hhV7OiZa-hwO140_sgjS7zXFSwYhrD9SLtG5g3PZNH3qGg8AIce0UDjEfbpm55TtWcASU_pbFaMf4DInTnp0TLkk647ZGlVwYTmmTQnaBGEIDSsh7bdznf-pen8QfMVCEF87MGJs7VC-DILI5ElcFtzofQWj1fYNcVET29R5RanUlllKNxHq-mgyWC-Jg5EOv_XLCqmJ2BHiLFvkcu_tqSfhKirHxVXjR62MzfY4V_d0LVwklezUEEwASQj7Wg8AOSBQQIBBgBkgUECAUYBKAGAoAH3sWXN6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQi5QP0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=flb7RpIJ0-Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=2498016108&adf=2987723014&pi=t.ma~as.4859960692&w=1001&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&psa=0&format=1001x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776030&bpp=1&bdt=793&idt=106&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vW5RTrGHG9&p=https%3A//sci-hub.hkvisa.net&dtd=112
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Oct 2021 04:52:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFBA 123 KB
37 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame FFBA 14 KB
6 KB 43ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:11:54 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame FFBA 27 KB
11 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ed8383deb802055202735bd86f7b951b661e93fa119966f5f4ad0cc29e02685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11228
x-xss-protection: 0
server: cafe
etag: 2676785842392005630
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Oct 2021 16:51:32 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28A5 143 B
222 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=2498016108&adf=2987723014&pi=t.ma~as.4859960692&w=1001&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&psa=0&format=1001x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776030&bpp=1&bdt=793&idt=106&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vW5RTrGHG9&p=https%3A//sci-hub.hkvisa.net&dtd=112
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=2498016108&adf=2987723014&pi=t.ma~as.4859960692&w=1001&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&psa=0&format=1001x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776030&bpp=1&bdt=793&idt=106&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=1490&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=vW5RTrGHG9&p=https%3A//sci-hub.hkvisa.net&dtd=112

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 18 Oct 2021 04:09:54 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FFBA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be8e26d3aa7edc729e6d7b8bfc5cbb995bfa55ebf1f7c500fe064349c85e9311

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28A5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
225 B

46ms
46ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 18-Oct-2021 05:52:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 18 Oct 2021 04:52:56 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:56 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 38CC 35 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H2 200 e8e197e378ee874e03267c2064571e79.js Show response
www.gstatic.com/mysidia/ Frame 64EA 7 KB
4 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e8e197e378ee874e03267c2064571e79.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1634532776&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776027&bpp=3&bdt=790&idt=88&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=5448744265777&frm=20&pv=2&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oiDQxS0dlE&p=https%3A//sci-hub.hkvisa.net&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce8fde1e19d45e140ba1f2e2756d7e564eb85c8888cc49547ee6a7cf87bc081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3152
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 19:52:20 GMT

GET
H2 200 6cfce8a19e8436dfedf3d88a9491c013.js Show response
www.gstatic.com/mysidia/ Frame 64EA 8 KB
3 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6cfce8a19e8436dfedf3d88a9491c013.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ecb912e3d60eed3050ca2825ff8dc7796d86154539d1c0c8a5d819430c5b9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 16:43:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3411
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 13 Jan 2022 16:43:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 64EA 3 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 04:47:42 GMT
server: ESF
date: Mon, 18 Oct 2021 04:52:56 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 64EA 2 KB
991 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:12:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 64EA 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:03:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 64EA 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:22:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64EA 123 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 64EA 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:11:54 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 64EA 27 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 19:52:20 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/ 143 KB
52 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/reactive_library_fy2019.js?bust=31063146

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb763e54a989d127a27b78ae4d23290bccc467b8d527ebae3f24951d88a67847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52671
x-xss-protection: 0
server: cafe
etag: 17378819356638797149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA1B 85 KB
28 KB 197ms
197ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=11&bdt=1545&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0&nras=2&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=bFxZhfnQHI&p=https%3A//sci-hub.hkvisa.net&dtd=10

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5234ea5f903f0fbf504ca2b607d79070b173d3ba58f59096b769de038621929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=11&bdt=1545&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0&nras=2&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=bFxZhfnQHI&p=https%3A//sci-hub.hkvisa.net&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 18 Oct 2021 04:52:56 GMT
server: cafe
content-length: 29086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 721A 85 KB
29 KB 217ms
217ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af4348ff9083ccf2fcf63bbf27e0d80fc104b58727e5adfbaa87304984a124fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 18 Oct 2021 04:52:57 GMT
server: cafe
content-length: 29649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 558A 85 KB
29 KB 217ms
216ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5fe9bb3b706409658919155363759acaae6eb00caeb3287ceffba259610c6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 18 Oct 2021 04:52:57 GMT
server: cafe
content-length: 29551
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08DF 436 B
279 B 186ms
186ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1440028034&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=0&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=CSfxwJjwqq&p=https%3A//sci-hub.hkvisa.net&dtd=16

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd013d7c23fd6fec01c6e599a5ce32d53275da53a0b057796d3570fe4efa486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1440028034&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=0&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3665&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=CSfxwJjwqq&p=https%3A//sci-hub.hkvisa.net&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 18 Oct 2021 04:52:56 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 64EA 0
0 33ms
32ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_TjTqP1sYdW1CcjH7_UPrN6f4A2py7PNZfHioejaDor9oITDARABIPOq4XtglbqsgrQHoAGr1bS7AsgBAagDAcgDywSqBNUBT9DLCgfjAdpj3yNIgTGFGdadn3iYIzWCJ2rK6U6YPXq8lnWhZ2aeUj8NXpT2J0sqWWLzVbFUeBkOIcOsCc6mOxrJ5TClViSrjbvkZ-TYxRH_GfN4huJQ7FMhRugPBVRhIyM4s9NVVLYGiArXCaosWeXypuCH6mjrc9SRNuv3rIzSAOvGNNB-rGf8j99cOwz7qmtp2XrAbK7Txbmt4VArbyEBkpVNDL9TVP0xIM9CgY-gtsQ0ld1M0Z1yh-XUpSplXUvv6-LpWhtSskosjbKNTagtovjiwATttKeVtQOSBQQIBBgBkgUECAUYBIAHxbSTyQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcFEIK1nwLSCAkIgOGAEBABGF-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNDc4ODA4MzIxOTIyNDI3OBgA&sigh=C9Y_pcIaNtw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1634532776&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776027&bpp=3&bdt=790&idt=88&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=5448744265777&frm=20&pv=2&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oiDQxS0dlE&p=https%3A//sci-hub.hkvisa.net&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Oct 2021 04:52:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3FE3 143 B
206 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1634532776&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776027&bpp=3&bdt=790&idt=88&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=5448744265777&frm=20&pv=2&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oiDQxS0dlE&p=https%3A//sci-hub.hkvisa.net&dtd=103
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1634532776&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776027&bpp=3&bdt=790&idt=88&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=5448744265777&frm=20&pv=2&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oiDQxS0dlE&p=https%3A//sci-hub.hkvisa.net&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 18 Oct 2021 04:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 64EA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0237d785ab8dc5e5f6675beca6a57ebdcfb547cb43b5f348da9573a1c7f0da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/ Frame 1C96 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 18 Oct 2021 00:26:23 GMT
expires: Mon, 01 Nov 2021 00:26:23 GMT
content-type: text/html; charset=UTF-8
etag: 9069739545958607985
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4691
x-xss-protection: 0
age: 15993
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/ Frame 3098 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 18 Oct 2021 00:26:23 GMT
expires: Mon, 01 Nov 2021 00:26:23 GMT
content-type: text/html; charset=UTF-8
etag: 9069739545958607985
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4691
x-xss-protection: 0
age: 15993
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64EA 0
56 B 39ms
39ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20211013&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 64EA 21 KB
22 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 551187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 64EA 21 KB
21 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 556290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1C96 4 KB
708 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 02:58:53 GMT
server: ESF
date: Mon, 18 Oct 2021 04:52:56 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1C96 205 B
492 B 7ms
6ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 20:22:23 GMT
x-content-type-options: nosniff
age: 30633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 17 Oct 2022 20:22:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1C96 604 B
694 B 7ms
7ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 02:08:10 GMT
x-content-type-options: nosniff
age: 9886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Oct 2022 02:08:10 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 1C96 18 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77de1a1b00ac331116f7aa733e701b7d7af3780b94f85d21485426ae2e0b1013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 03:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7847
x-xss-protection: 0
server: cafe
etag: 3335447531747852050
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 03:57:11 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/ Frame CBB4 50 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e71ed2eddc8da4f91d50d9a8b878a7a389c0e252d88947ad12123ce35bd04f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3871649211505799656/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Sun, 17 Oct 2021 19:03:52 GMT
expires: Mon, 17 Oct 2022 19:03:52 GMT
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 7027
age: 35344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 3098 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:03:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3098 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:22:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3098 123 KB
37 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3098 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:11:54 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3FE3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

14ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 18-Oct-2021 05:52:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 18 Oct 2021 04:52:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 47AE 3 KB
676 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 03:56:58 GMT
server: ESF
date: Mon, 18 Oct 2021 04:52:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 47AE 2 KB
946 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:12:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 47AE 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:03:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 47AE 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:22:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47AE 123 KB
37 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 47AE 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:11:54 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 47AE 27 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 19:52:20 GMT

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame CBB4 9 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 13:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 18 Oct 2021 13:46:43 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CBB4 26 KB
10 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 18 Oct 2021 13:46:49 GMT

GET
H2 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f20fc90fdb436886d306fffadf89a1c9cc848ddee8264057a8e2a81eeb82dea9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1278
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 headline.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 3 KB
1 KB 11ms
8ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/headline.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e835c9e0e17ae32f44574dfb0e65b8f413268cc132729ff1342bc5a72adcedb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1228
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 lastline.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 3 KB
1 KB 15ms
12ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/lastline.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c385ca4734df5d7ea8c1ce955ceb91838068746a29c3824999e49bb15486456

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 string1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 3 KB
1 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/string1.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3f3f519c9293a1331a38cbafdb6a2f11a089f961e5586077f64f05b60bdb948

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 string2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 4 KB
1 KB 15ms
13ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/string2.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f160d83894db09b179bfc7c1485ec31c333e637ecafac143894cf46331db38e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1407
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 string3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 4 KB
1 KB 15ms
13ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/string3.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee333f5bc6bbb0db6a46ae1d20b5ee330449b2354cda1ea7359a15ffdc204516

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1300
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 string4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 3 KB
1 KB 12ms
10ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/string4.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb3f218c37dcf3f9505b069c7c9c82713efe12453658d49da82941154c3b57f9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 string5.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 4 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/string5.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9ba05cdfd2ec5efe4c2e922313d4442fc81d34cfd93c79cddf58cd37a75cc3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1259
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 string6.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 2 KB
905 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/string6.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9af6ab747e8cc77d7021c67bb2591fb87a67b26b436edb1bf0490ca0e54a7d9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 833
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 string7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 3 KB
1 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/string7.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d819f707bca2070637b5256597ca11e79fb8cbdd1b95fe3a2df5e19c86a51017

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 hero.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/ Frame CBB4 83 KB
83 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/images/hero.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14bc8c6eff7aca9cff2c297d576fe0566e9befe347431257b7c94630e194ac93

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 35345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85039
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 16:17:00 GMT
server: sffe
date: Sun, 17 Oct 2021 19:03:52 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Oct 2022 19:03:52 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3674 143 B
198 B 9ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 18 Oct 2021 04:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD0E 143 B
198 B 8ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 18 Oct 2021 04:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame FA1B 3 KB
653 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=11&bdt=1545&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0&nras=2&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=bFxZhfnQHI&p=https%3A//sci-hub.hkvisa.net&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 03:01:47 GMT
server: ESF
date: Mon, 18 Oct 2021 04:52:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame FA1B 2 KB
963 B 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:12:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame FA1B 18 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:03:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame FA1B 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:22:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA1B 123 KB
37 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame FA1B 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:11:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FA1B 0
0 29ms
29ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPlyJADX7harqj2PQX7JG8b2MhHNtLnWMmWcLCzgylE2jAIfEVxbVW1h16wqhXvyjZiuvN_dHWeZX4L6qJzN0tz395-A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=11&bdt=1545&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0&nras=2&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=bFxZhfnQHI&p=https%3A//sci-hub.hkvisa.net&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame FA1B 27 KB
11 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 19:52:20 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6430283235806750525/ Frame FA1B 42 KB
42 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6430283235806750525/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c149d7326b56a7a566100bfc8bb6f80a1b577fc06cabb89c7728c519bf55fd65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 03:04:04 GMT
x-content-type-options: nosniff
age: 6533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42998
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 17:18:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Oct 2022 03:04:04 GMT

GET
DATA 200
OK truncated
/ Frame FA1B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 721A 3 KB
653 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 04:18:23 GMT
server: ESF
date: Mon, 18 Oct 2021 04:52:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame FA1B 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvlmHqP1sYfOzMcGA7_UPhueQ-ASpy7PNZZHkoejaDor9oITDARABIPOq4XtglbqsgrQHoAGr1bS7AsgBCagDAcgDywSqBNQBT9BpFZHCP5SZnPyCOx4CUvIQBg94We3TA5VJqbIu2Oq89PvQ8204dtT3E7PO8NI7ENne9v3cQ9QGBLH3xF-hAHWTJXIvvxI1EJTOa02UVisn-VodVFr-x8qkJom306eDiTQSi4KX4-FVbR_ur_Lwe3AY_X_14riRhY7R6mTfdI2IlyaodDXIYiufSYB9zrtLuMI0dPmXPgw-jXWuBV7mIAZlHR-WRqU0-nd7szNyg9bDhG-busnwIZo5kxAOdA3dj4Pcox88tE22cdcI7oFDtA6nc33ABO20p5W1A5IFBAgEGAGSBQQIBRgEoAYugAfFtJPJAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQxPAB0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDNAVAYAXAbIXHAoaCAASFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=cStNBe7g7BE&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=11&bdt=1545&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0&nras=2&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=bFxZhfnQHI&p=https%3A//sci-hub.hkvisa.net&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Oct 2021 04:52:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 558A 3 KB
653 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 04:47:46 GMT
server: ESF
date: Mon, 18 Oct 2021 04:52:57 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 721A 2 KB
959 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:12:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 721A 18 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:03:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 721A 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:22:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 721A 123 KB
37 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 721A 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:11:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 721A 0
0 28ms
28ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRn5ItiJ5WQq26kA-PmsEqXqe5GgY88ui21kbPu8cTKLhhRmSvzwzLm0pnDggQmcvCuSKDnvbHU_EzHOUJ8Q9zmlE5fg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 721A 27 KB
11 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 19:52:20 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 558A 2 KB
959 B 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:12:24 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6430283235806750525/ Frame 721A 42 KB
42 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6430283235806750525/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c149d7326b56a7a566100bfc8bb6f80a1b577fc06cabb89c7728c519bf55fd65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 03:04:04 GMT
x-content-type-options: nosniff
age: 6533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42998
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 17:18:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Oct 2022 03:04:04 GMT

GET
DATA 200
OK truncated
/ Frame 721A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6430283235806750525/ Frame 558A 42 KB
42 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6430283235806750525/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c149d7326b56a7a566100bfc8bb6f80a1b577fc06cabb89c7728c519bf55fd65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 03:04:04 GMT
x-content-type-options: nosniff
age: 6533
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42998
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 17:18:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Oct 2022 03:04:04 GMT

GET
DATA 200
OK truncated
/ Frame 558A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 558A 18 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:03:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 558A 3 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:22:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:22:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 558A 123 KB
37 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37919
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634125446224599"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 558A 14 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Nov 2021 04:11:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 558A 0
0 32ms
31ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlETVqaDpAD7GsAMoodNONxNRftwBp1Ec5bRZIrtCq7GvNI9Uj6Fut6afZbIFjS_SjUDxtUHxV9XUhZGyevArbT1DW9A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 558A 27 KB
11 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 19:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 03:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sat, 15 Jan 2022 19:52:20 GMT

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C02 35 KB
13 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 721A 0
0 38ms
38ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcuoVqP1sYai_MZLa7_UPgpW56AWpy7PNZZHkoejaDor9oITDARABIPOq4XtglbqsgrQHoAGr1bS7AsgBCagDAcgDywSqBMABT9DKtcw2M1Bz0rYrftUseZ_MqiOQRfy6ABOWvha9unUBZ2TtFWhxGcVU5_jC7ZK7PBN5hkUu2-nDOtLtUy-zC_FN4gH1YwEX1SA3guva1HCDqqZpObhi46j22A5t1VDRr-DkKaoOEHCurzDj3mZVNGG52MdLnjUjre6XrmPc3q06FGcg3OYQ0SIEbjaE5iebwhOK3nc4MpGsiQCfBH2JxfYv9prupU-PaVX7-AfjUKiXZH3G0SSSQeyAowR3qpDlwATttKeVtQOSBQQIBBgBkgUECAUYBKAGLoAHxbSTyQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcDEPxe0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDNAVAYAXAbIXHAoaCAASFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=5QxiDMdBAWA&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Oct 2021 04:52:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 558A 0
0 47ms
34ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMgvsqP1sYYvQMYWL7_UP2d2XqA-py7PNZZHkoejaDor9oITDARABIPOq4XtglbqsgrQHoAGr1bS7AsgBCagDAcgDywSqBMABT9AVL4iqnJDf_oWtFNSw4HBOnugihfG6OMujW_2nie3H7GiUnm_56uyeZspO5m0o3p5q9NJpWyJcT-7CpVqUzlT7UryuKcAig_OGxXQvqwfu16FYgP3on60iMqvgJW4nTj1Upt9jTL6sJoRqLEAviWeEYWpFDL8GUImvDOxjQQZdFPNIQLEeNnp8nUrO15INdLtqsUepk7eqHGDXU2ti0Hn_Da-W98s5yVEUlpse9rf91CQRx7NEVevCCMfUKq3cwATttKeVtQOSBQQIBBgBkgUECAUYBKAGLoAHxbSTyQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcDEPph0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDNAVAYAXAbIXHAoaCAASFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=xQ03CwsFdMM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Oct 2021 04:52:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3674
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

17ms
17ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 18-Oct-2021 05:52:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 18 Oct 2021 04:52:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FD0E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

15ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 18-Oct-2021 05:52:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 18 Oct 2021 04:52:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 18 Oct 2021 04:52:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CE6 35 KB
13 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D2F5 1 KB
864 B 10ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 17 Oct 2021 21:06:15 GMT
expires: Mon, 18 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 28002
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA1B 0
56 B 42ms
41ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20211013&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/load_preloaded_resource_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FA1B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3d3fd79f3bd5a5388144e95631112c09e06a035eb773af5a2621f0f4a33eec0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FA1B 21 KB
21 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 551188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FA1B 21 KB
21 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 556291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EAE6 1 KB
783 B 12ms
12ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 17 Oct 2021 21:06:15 GMT
expires: Mon, 18 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 28002
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 721A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75fbbb28bb7aecd7c2cc06797dfcd1747a014e058c67ca8fe102af4e9ed53550

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame CBB4 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6F31 1 KB
783 B 10ms
9ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 17 Oct 2021 21:06:15 GMT
expires: Mon, 18 Oct 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 28002
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 558A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a20ec26bcb891126912150603437c6d73d190b2e924ff12e2cf4cf9ac92e78e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 721A 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 551188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 721A 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 556291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 558A 21 KB
21 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 551188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 558A 21 KB
21 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 556291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D2F5 35 B
464 B 34ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN93HS3HF4auPRlgboL8YnQ&google_cver=1&google_push=AYg5qPIdm8MVGeJlp6niDP8uYWFJJEIL2YUgw2GHw0TF57PjZPkr64Js6mmi-ZXD6Wi_9ny0K8U4BpZjda3blG_127ZXKq76KLc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELFXls8w18UgS6No3BmzPf0&google_cver=1&google_push=AYg5qPJ0Yd1jRKOxLul9vJ2VWx0wzei9CFafra23ndRHMi0-Jutpqdw04AhNIs_2KGvixy11wtiFDHh8J7G1j9IpMSIyQ6qERUM
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ0Yd1jRKOxLul9vJ2VWx0wzei9CFafra23ndRHMi0-Jutpqdw04AhNIs_2KGvixy11wtiFDHh8J7G1j9IpMSIyQ6qERUM&google_hm=Q0FFU0VMRlhsczh3MThVZ1...

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ0Yd1jRKOxLul9vJ2VWx0wzei9CFafra23ndRHMi0-Jutpqdw04AhNIs_2KGvixy11wtiFDHh8J7G1j9IpMSIyQ6qERUM&google_hm=Q0FFU0VMRlhsczh3MThVZ1M2Tm8zQm16UGYw

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Oct 2021 04:52:56 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ0Yd1jRKOxLul9vJ2VWx0wzei9CFafra23ndRHMi0-Jutpqdw04AhNIs_2KGvixy11wtiFDHh8J7G1j9IpMSIyQ6qERUM&google_hm=Q0FFU0VMRlhsczh3MThVZ1M2Tm8zQm16UGYw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJjDk77NcJnx5NEvmpoHGWUs3nom50YhbFIs8Ch6p5lPMNfea7wz1DBtALY_Hl1qze3uxbWGe4NgTHNLldfvm-fl_5L01U&google_gid=CAESEDvtDW6tb94NrV1mRRaI4-o&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKn7s4sGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKakRrNzdOY0pueDVORXZtcG9IR1dVczNub201MFloYkZJczhDaDZwNWxQTU5mZWE3d3oxREJ0QUxZX0hsMXF6ZTN1eGJXR2U0TmdUSE5MbG...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUkx5VEpueWx1ZzUzUl9pSE13RHl0M1F3SHktNWxmZjEyZTEtV21MVUtrSQ==&google_push

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUkx5VEpueWx1ZzUzUl9pSE13RHl0M1F3SHktNWxmZjEyZTEtV21MVUtrSQ==&google_push

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Oct 2021 04:52:57 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUkx5VEpueWx1ZzUzUl9pSE13RHl0M1F3SHktNWxmZjEyZTEtV21MVUtrSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ__btN...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ__btN...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDAxNjQyNjk5NTQ2OA%3D%3D&google_push=AYg5qPJ__btNdYYdfyUYV3ELhIE-gvMfxh2BqGCoa_pPrsFy2Z7I71Ho3emL6JZs_ecZFr...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDAxNjQyNjk5NTQ2OA%3D%3D&google_push=AYg5qPJ__btNdYYdfyUYV3ELhIE-gvMfxh2BqGCoa_pPrsFy2Z7I71Ho3emL6JZs_ecZFrJfIOaVgo-UlhKSeZgDae0lMErXZXA

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDAxNjQyNjk5NTQ2OA%3D%3D&google_push=AYg5qPJ__btNdYYdfyUYV3ELhIE-gvMfxh2BqGCoa_pPrsFy2Z7I71Ho3emL6JZs_ecZFrJfIOaVgo-UlhKSeZgDae0lMErXZXA
pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D2F5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCFBfIP_EXuquikhDbGwo8&google_cver=1&google_push=AYg5qPKbx4fmWgASvlK4LfBFSMjouxaCSpcubuXld1x-7fcDVmA9Ve7k99K52IKGD3MdRKNbDNZ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUEtRC01UlpE&google_push=AYg5qPKbx4fmWgASvlK4LfBFSMjouxaCSpcubuXld1x-7fcDVmA9Ve7k99K52IKGD3MdRKNbDNZWraNDbhuaR-5KRdCMbGcMxOw

170 B
329 B

17ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUEtRC01UlpE&google_push=AYg5qPKbx4fmWgASvlK4LfBFSMjouxaCSpcubuXld1x-7fcDVmA9Ve7k99K52IKGD3MdRKNbDNZWraNDbhuaR-5KRdCMbGcMxOw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUEtRC01UlpE&google_push=AYg5qPKbx4fmWgASvlK4LfBFSMjouxaCSpcubuXld1x-7fcDVmA9Ve7k99K52IKGD3MdRKNbDNZWraNDbhuaR-5KRdCMbGcMxOw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame D2F5 43 B
296 B 115ms
20ms Image
image/gif 2a05:d01c:1d8:8100:967a:cdf5:1598:ad44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDULcoHxt3pLIcMBq_D8Rf4&google_cver=1&google_push=AYg5qPJSWiGRPlqDwxrN9LpsXz5o0ShN1PUSUiMIaDlo9vAKul9WhGajcqj4DbzijErcHyvp-wM1w44UJ6FQcF8lMzfNDT8bKHc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=11&bdt=1545&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0&nras=2&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=bFxZhfnQHI&p=https%3A//sci-hub.hkvisa.net&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:967a:cdf5:1598:ad44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D2F5 0
40 B 40ms
16ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWWR4tJDkFe3cFcRxR2IOGzQ4zMXL5nYIDmSoximzoiEGuM1PdJlx23G458uftWw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C69 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame EAE6 35 B
463 B 21ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN93HS3HF4auPRlgboL8YnQ&google_cver=1&google_push=AYg5qPL7MeCXoXdDjaxCHY609QupYBUN3yKQFkCEydM9dXFyfZLM6MOKmBwEWbqHhmzQe-GWleK6oahkAsXoPm6EreUMutAowt5bpw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAE6
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELFXls8w18UgS6No3BmzPf0&google_cver=1&google_push=AYg5qPIbINV9JTua9pSaj_Ye0npoiw96wx3K6t6EbIxLkmY7yq7W6CYp6z4ouNSTJnbUXknDKFbf4uwazcp5kNtdxM-WctrqMpuu1g
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIbINV9JTua9pSaj_Ye0npoiw96wx3K6t6EbIxLkmY7yq7W6CYp6z4ouNSTJnbUXknDKFbf4uwazcp5kNtdxM-WctrqMpuu1g&google_hm=Q0FFU0VMRlhsczh3MTh...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIbINV9JTua9pSaj_Ye0npoiw96wx3K6t6EbIxLkmY7yq7W6CYp6z4ouNSTJnbUXknDKFbf4uwazcp5kNtdxM-WctrqMpuu1g&google_hm=Q0FFU0VMRlhsczh3MThVZ1M2Tm8zQm16UGYw

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Oct 2021 04:52:57 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIbINV9JTua9pSaj_Ye0npoiw96wx3K6t6EbIxLkmY7yq7W6CYp6z4ouNSTJnbUXknDKFbf4uwazcp5kNtdxM-WctrqMpuu1g&google_hm=Q0FFU0VMRlhsczh3MThVZ1M2Tm8zQm16UGYw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAE6
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRPcuy...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRPcuy...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDA4OTUxMDA2NzUwNA%3D%3D&google_push=AYg5qPKRPcuyZrbSwOh-uAVQz0RjjKftVEr8RyzDZ1GklSODGJYtshdgd3ZWjAh_kScp1s...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDA4OTUxMDA2NzUwNA%3D%3D&google_push=AYg5qPKRPcuyZrbSwOh-uAVQz0RjjKftVEr8RyzDZ1GklSODGJYtshdgd3ZWjAh_kScp1sqb_GLTFihIi9YNefbfa8yPj5-cISaO

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMTgwNDUyNTcwMDA4OTUxMDA2NzUwNA%3D%3D&google_push=AYg5qPKRPcuyZrbSwOh-uAVQz0RjjKftVEr8RyzDZ1GklSODGJYtshdgd3ZWjAh_kScp1sqb_GLTFihIi9YNefbfa8yPj5-cISaO
pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAE6
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKKg
https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKK...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKKg&google_hm=NVdsLs0oyKMGaSrrVYHk6g==

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKKg&google_hm=NVdsLs0oyKMGaSrrVYHk6g==

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKoz1DCLUfqmzkWH08vmLfTZoxXD7ziZQphLjh4C4i5uT8_6VzYk9uIhKTwDOs_5fWJDffaWJJGTRIdHUfZXXAPm5cuYGUKKg&google_hm=NVdsLs0oyKMGaSrrVYHk6g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 0eo3ilk6n0p2rkf5ptgfbap11jh5936d

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAE6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vd9s9QiGRLWma6vGEQNA3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vd9s9QiGRLWma6vGEQNA3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6i5Vp2jhmoAQxVh6_CCXbLTCqQL9gt3wCW1zmenEQBGN9iQXlI35TLIusK4jUJJEaadlwlaG2-JZO5zL1aBT-apzjiWUcDg

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vd9s9QiGRLWma6vGEQNA3w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI6i5Vp2jhmoAQxVh6_CCXbLTCqQL9gt3wCW1zmenEQBGN9iQXlI35TLIusK4jUJJEaadlwlaG2-JZO5zL1aBT-apzjiWUcDg
date: Mon, 18 Oct 2021 04:52:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EAE6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCFBfIP_EXuquikhDbGwo8&google_cver=1&google_push=AYg5qPImAr5crLwE750jEqRoZjfMGBq2uBwMmoe28Cwu_GJUC12vwSTwCKXNZ1QJjVZF7q4fnet...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUktRi1MQ0hG&google_push=AYg5qPImAr5crLwE750jEqRoZjfMGBq2uBwMmoe28Cwu_GJUC12vwSTwCKXNZ1QJjVZF7q4fnet3zCfway26nMWmtA9E1iQ_ejDcEA

170 B
232 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUktRi1MQ0hG&google_push=AYg5qPImAr5crLwE750jEqRoZjfMGBq2uBwMmoe28Cwu_GJUC12vwSTwCKXNZ1QJjVZF7q4fnet3zCfway26nMWmtA9E1iQ_ejDcEA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWUktRi1MQ0hG&google_push=AYg5qPImAr5crLwE750jEqRoZjfMGBq2uBwMmoe28Cwu_GJUC12vwSTwCKXNZ1QJjVZF7q4fnet3zCfway26nMWmtA9E1iQ_ejDcEA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame EAE6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4c...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EAE6 0
253 B 26ms
16ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRC5nZwpivalbH940eUrhSv98z2xkO_hWpw2xzTnlVK7z54bD_cU-kBduCXNIYgJCb9Gv5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6F31 35 B
464 B 10ms
6ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN93HS3HF4auPRlgboL8YnQ&google_cver=1&google_push=AYg5qPLeo5dWgaTft7kOQWIDAnZj1er29uvqxq5PX1FoH5m4Vr1aPWE19nWz5kExnzDcnObFr4To8Rpnsi03y2m626q3bWVwic-D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 6F31 42 B
189 B 18ms
14ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJth79SoaHquyWCqHSuEos7R5TnC9YQF_55rRpyui77z4qDuIR2FCMG8T8cIA7CaniqOeoTdvpzXYCHGjCr9FDui1QXg2g&google_gid=CAESEDvtDW6tb94NrV1mRRaI4-o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:57 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F31
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB
https://rtb.openx.net/sync/dds?google_gid=CAESEML3smpzkrCcOyKlYrjOLWc&google_cver=1&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB&google_hm=NVdsLs0oyKMGaSrrVYHk6g==

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB&google_hm=NVdsLs0oyKMGaSrrVYHk6g==

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPICkAQ8BMt1VxHdFfwFwXmCTkk3f2wnhnD_9CwceOda56x7a7tjWRA8NnoypbRvK9DLPxz75M0UrU3XVRIClpzjZY1CHfnB&google_hm=NVdsLs0oyKMGaSrrVYHk6g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: vr9602mucncdfqapllacs1lonljaluak

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F31
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=scSy9CkPQu2Bz4c3mqw-8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=scSy9CkPQu2Bz4c3mqw-8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPInbpqR7ThdSyFQKjDC5hhkXxq21EoX0Wx8Ex-ReS-PVGbjeoCnBo4iwyc--9sFONeJ4rR_L4RJm0lTr2Nlgr66v5PkD02P

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=scSy9CkPQu2Bz4c3mqw-8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPInbpqR7ThdSyFQKjDC5hhkXxq21EoX0Wx8Ex-ReS-PVGbjeoCnBo4iwyc--9sFONeJ4rR_L4RJm0lTr2Nlgr66v5PkD02P
date: Mon, 18 Oct 2021 04:52:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F31
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMCFBfIP_EXuquikhDbGwo8&google_cver=1&google_push=AYg5qPKikCGj8-DhUteYSQHDVBrLtyGzPpND3ecrb-ZR59kul96Xd6XUaHUmfngoP64Md-aibcO...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWVctMVgtOTZOVw==&google_push=AYg5qPKikCGj8-DhUteYSQHDVBrLtyGzPpND3ecrb-ZR59kul96Xd6XUaHUmfngoP64Md-aibcODcd8dszZT7Mo06Ruesd3sLaeK

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWVctMVgtOTZOVw==&google_push=AYg5qPKikCGj8-DhUteYSQHDVBrLtyGzPpND3ecrb-ZR59kul96Xd6XUaHUmfngoP64Md-aibcODcd8dszZT7Mo06Ruesd3sLaeK

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXNk0yWVctMVgtOTZOVw==&google_push=AYg5qPKikCGj8-DhUteYSQHDVBrLtyGzPpND3ecrb-ZR59kul96Xd6XUaHUmfngoP64Md-aibcODcd8dszZT7Mo06Ruesd3sLaeK
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 6F31
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJy...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F31
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJcuvK_5BFCmI1vcu0ry3M4&google_cver=1&google_push=AYg5qPKRil6kKp1EzNakoi4d...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRil6kKp1EzNakoi4dcUNai20bwv07l-XQmt4RRbitm8uAVETu6oiBmc7niyUx1U2ed-za2yicjTJ3rac8CUQB3NgOcvkcOQ&google_hm=

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRil6kKp1EzNakoi4dcUNai20bwv07l-XQmt4RRbitm8uAVETu6oiBmc7niyUx1U2ed-za2yicjTJ3rac8CUQB3NgOcvkcOQ&google_hm=

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:57 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKRil6kKp1EzNakoi4dcUNai20bwv07l-XQmt4RRbitm8uAVETu6oiBmc7niyUx1U2ed-za2yicjTJ3rac8CUQB3NgOcvkcOQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 17 Oct 2021 04:52:57 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6F31 0
40 B 16ms
15ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaKFE50grgpaehBlRihxCIanYStq5Bb-JAgRU-S-4iJEEQt7Q-RjfIbSQ9x_rOO9loeidUeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:57 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 121 B
592 B 289ms
44ms Script
application/javascript 31.131.252.91
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=Cu1FhbZ7RTngnaBB&first=1

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

6cee7af55eb16c591cfd08f5b6047dc5c3de91e17bdd345777395be63fe68acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Oct 2021 04:52:57 GMT

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 121 B
592 B 287ms
43ms Script
application/javascript 31.131.252.91
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=P7AwRGguw4bvr3q5

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

6cee7af55eb16c591cfd08f5b6047dc5c3de91e17bdd345777395be63fe68acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Thu, 21 Oct 2021 04:52:57 GMT

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

43 B
528 B

46ms
46ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Oct 2021 04:53:07 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 17 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Oct 2021 04:53:07 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 17 Oct 2020 21:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 39ms
18ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d7d2c7d7fcd0bdbefd54e95f6e17fbab72d1180f20a6b8dc11a881e4d58ea64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Oct 2021 04:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8620
x-xss-protection: 0

GET
H/1.1 200
OK 06.png
share.pluso.ru/img/pluso-like/square/medium/ 23 KB
23 KB 322ms
81ms Image
image/png 31.131.252.91
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/pluso-like/square/medium/06.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-5b8f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 23439
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 285ms
44ms Image
image/png 31.131.252.91
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/plus.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame DA57 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280&nras=3&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=cLIEUwU3w2&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame 7553 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1634532776&rafmt=1&to=qs&pwprc=6292441334&psa=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634532776781&bpp=1&bdt=1544&idt=-M&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78a213b847746435-22ecf602f7ca00be%3AT%3D1634532776%3ART%3D1634532776%3AS%3DALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA&prev_fmts=970x90%2C1001x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=5448744265777&frm=20&pv=1&ga_vid=52995847.1634532776&ga_sid=1634532776&ga_hid=612515035&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=2864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063146%2C31062524&oid=2&psts=AGkb-H9hKMRroIJh7OeM0g_-L24xqh47JE6-eE2ipOUXcxjXWZPD1D9PymRpDKFBmS_EtxRrrNNliOkBqNA&pvsid=1742748023244169&pem=451&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GsooH4Gh03&p=https%3A//sci-hub.hkvisa.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H/1.1 200
OK kb.js Show response
kitbit.net/ 1 KB
2 KB 244ms
42ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/kb.js

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

58ee63f6a2cac68fbc59e0d20aaba073024cafcd159191cf7ae1d4ac4db64e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:51:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmFs/TWE5wstxvAqAg==
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=21600, private
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Mon, 18 Oct 2021 10:51:01 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 18 Oct 2021 04:52:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DB6A 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 17 Oct 2021 21:12:41 GMT
expires: Mon, 17 Oct 2022 21:12:41 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FD4E 783 B
1 KB 16ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95d3bbef25bfc950e279511e656b026843a1291c7ef1ea9ee8e543f146bf7d32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W7XFrVvT8bnQ3+oYjd9EkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.hkvisa.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 18 Oct 2021 04:52:57 GMT
date: Mon, 18 Oct 2021 04:52:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-W7XFrVvT8bnQ3+oYjd9EkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js Show response
pagead2.googlesyndication.com/bg/ Frame DB6A 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 17 Oct 2021 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 11:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 17 Oct 2022 15:29:20 GMT

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ 3 KB
3 KB 150ms
47ms Script
application/javascript 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:57 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:04 GMT
Server: nginx
ETag: "6168c22c-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H/1.1 200
OK s.js Show response
kitbit.net/ 1 B
303 B 45ms
43ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/s.js?u=https%3A%2F%2Fsci-hub.hkvisa.net%2F

Requested by

Host: kitbit.net
URL: https://kitbit.net/kb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:51:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 18 Oct 2021 04:51:00 GMT

GET
H/1.1 200
OK h.gif
kitbit.net/ 43 B
537 B 87ms
42ms Image
image/gif 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//sci-hub.hkvisa.net/&h=Sci-Hub%26kbuid%3D5EFC831F35FD6C612D0BE784022AF0C6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:51:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmFs/TWE5wstxvArAg==
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 18 Oct 2021 04:51:01 GMT

GET
H2

200

cro
optinder.com/
Redirect Chain

https://p1.ntvk1.ru/nps
https://optinder.com/cro

0
543 B

42ms
15ms

Image
application/octet-stream

2606:4700:3036::6815:15dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optinder.com/cro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:15dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 04:52:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEIQ9AyctIqqVioPE9UwoC8KVCTVqhlYT6vLvswHbRy1SBArQ8959xx0nYfmYf%2B51FMToujF6QEOuXtFJC3XM5cfxrLqvjyTARYYrB7G8hF8lm9dvo5ae8kssp1xpSYdqCxNsvAsNCxqrKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cf-ray: 69ff29068a634e4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

Redirect headers

x-77-nzt: AcO1rgXp45KB
date: Mon, 18 Oct 2021 04:52:57 GMT
last-modified: Mon, 18 Oct 2021 04:52:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: LBWjgAxOt5U=
x-77-cache: MISS
content-type: text/html; charset=UTF-8
location: //optinder.com/cro
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
x-cache: MISS
x-77-pop: frankfurtDE
content-length: 0
x-request-id: 586896885-3-1634532777.947
expires: Mon, 18 Oct 2021 04:52:56 GMT

GET
H/1.1 200
OK sud
ut9.rktch.com/ 88 B
88 B 184ms
42ms Image
image/png 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut9.rktch.com/sud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:58 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 88
Content-Type: image/png

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD4E 0
0 47ms
47ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=1742748023244169&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=1742748023244169&bg=!KCulK2_NAAao6lBpqOo7ACkAdvg8WpVCPSN-4kYIF1c5vW-xWIofbvs6yIfR_ZjHgTRTSciMAjlo5QIAAABnUgAAAAloAQcKAJO1L3OeDEvAhYQozpsuvh7xty5f8CDN3kZ6Sq7t56TyjWX73HWF-VQLEDwmmcvCrG12DFp2y7V8yrKAwQtYl289CKX3itKCUr1az-vrY5mgSzrmnCAVPXV6h28iCaUPKLDD7d7A5iFgG8dfNmhRyMpt8Yt3ZsdBu3-x6ki8SXIfV7Do_owXDISGuKrC4zO4-EXN5YiZAuVedTehOMcE90S2TRQdlI5gWDpTNA_fyMAmIo20n6hi2zU1M4hVHqhzZjS3agts-seu11UqRFBBy90TIU2i2fSkG3dZlZDnksZK_sGHYSAt2YWQrsOCd7ISTxcbY8vpI3Nu1DTuWu_4a4oEifTcsBRCG-i81vOdhE-2Aa2j35miX0bB-87EAlbtEKVSNy0prc3HGEnU_SHZ9bB12JiVA-aStKYO1yxn7WE85us6pkt_Zzb4qdsW0lvnSCOpr7Kxv13OVcXlds9-uOmKoNEww06cj5YdeLhQVAKTbObS07wgdT4Hq3zbaf05yABnCQHTNYkWkOD_KWtNeDerZKJPPqg2GI2lEj0sxnKUTIk2d7-6G5lr-KVklr1fQKSuCp5vD5EuvdztnqNKinhORDouZaxsfC4CT0uXY4igXcoxyQhzi_QkZU5nc1fdSAw7gtozSclMtTYEKw2vZ27xJbGxePqgdLjYDDGUgn0Fc1agoZGvALcrorIuMRhdm6yDAcFyM9ug07or5Va6YV-9E1P4LvDAy8tgT0d0qTqqTWZ4cMwOrPTdEs3FAmbIHfCnpnaIHKC7hA5TovTnggUsxaS2mr4q838Em3EbIvHNf7aPJJ3DrUKztnkC9dHbqU8fAhi0S7fQRTFgTPYtZJaUPD5TzLVV0gpEZWuIZItLRrS_Pz11NvLU15jPsMTE832UYEkbpDawZb7yfaHP3ZBY8_h-TWk1Ap53-lE8i3PHGZn64aqSTR_JKeFitlD0zCZB0lx-uPi0rqPY4sp6ieiCrGCj2cPUw51waZLHbFWaHfLwn6BVAgkNXZVqEwR46h3X29H4kbp9rmFsagDyCfLBmdBG7FzDhoz1oTg1lHPHIAFiIJfpKkAOFy1Vr2tLROQtNW8TqFuhKYhpjJFu5DmJY7aWSwCUJw24CSR3mTFY5c2t5DhSe9lFrDqaifziqDDuC5XbxmYPku7QHkVUsV_bc7l8vnhwBqjd98g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ 15 KB
15 KB 86ms
86ms Script
application/javascript 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=593734565629401
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:58 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:04 GMT
Server: nginx
ETag: "6168c22c-3cc1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15553

GET
H/1.1 200
OK extension_1086.js Show response
tag.digitaltarget.ru/extensions/ 475 B
719 B 46ms
45ms Script
application/javascript 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/extensions/extension_1086.js?i=846500282251168
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: ea5267ab8f48df1f085df89f320a63ffe30ae68c5b02d85ec0437e4cdcb6b7de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:58 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:05 GMT
Server: nginx
ETag: "6168c22d-1db"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 475

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 64EA 42 B
174 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8w0PMuxAEEHu3XQR6EeZIDngp7kKxkX8cxk_kThe-S524hbhCz8EtOWAsHLOJ3IU-WnUT5SFrztl4WCvH6pyLlz0W56Zycm1dz01oxgjxba_nEG2oFQ&sai=AMfl-YRdXy-gsjRq0P-OIktK3_Fpe9yPzX7HH7GdPRbyewdVh5YwsmtOvT1aw01W7JRkYqaP8Hd0ebiEvxYh&sig=Cg0ArKJSzLzO3OWf50CfEAE&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1980608376&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634532776131&rpt=990&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:52:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

404
Not Found

i
dmg.digitaltarget.ru/1/7250/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7250/i/i?i=45293897039323.429455627928358&c=tg:adcm_pc
https://dmg.digitaltarget.ru/1/7250/i/i?i=45293897039323.429455627928358&c=tg:adcm_pc&q=scc

0
452 B

44ms
43ms

Image
text/plain

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/7250/i/i?i=45293897039323.429455627928358&c=tg:adcm_pc&q=scc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:58 GMT
Server: nginx
Connection: keep-alive
Content-Type: Not found: placement 7250
Transfer-Encoding: chunked
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/7250/i/i?i=45293897039323.429455627928358&c=tg:adcm_pc&q=scc
Date: Mon, 18 Oct 2021 04:52:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

404
Not Found

i
fnc.rt.ru/1/6532/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/6534/i/i?i=45293897039323.685840680095999&c=tg:adcm_pc
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=45293897039323.685840680095999&c=tg:adcm_pc
https://fnc.rt.ru/1/6532/i/i?i=5flIDZi4kbd9VW57Woy.&c=tg:rds_6534
https://fnc.rt.ru/1/6532/i/i?i=5flIDZi4kbd9VW57Woy.&c=tg:rds_6534&q=scc

0
430 B

57ms
56ms

Image
text/plain

185.15.175.137
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fnc.rt.ru/1/6532/i/i?i=5flIDZi4kbd9VW57Woy.&c=tg:rds_6534&q=scc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.137 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:58 GMT
Server: nginx
Connection: keep-alive
Content-Type: Not found: placement 6532
Transfer-Encoding: chunked
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/6532/i/i?i=5flIDZi4kbd9VW57Woy.&c=tg:rds_6534&q=scc
Date: Mon, 18 Oct 2021 04:52:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/6465/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=45293897039323.377244786797637&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:ducMml9Hopf5gMbetHhoI1BG.xp...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=45293897039323.377244786797637&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:du...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D%26sds%3D1086
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D%26sds%3D1086&bounce=1&random=2549607468
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=HxsaYIc77m8zlQa07hsI7e&sds=1086

49 B
603 B

67ms
67ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=HxsaYIc77m8zlQa07hsI7e&sds=1086

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:53:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 19
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

pragma: no-cache
date: Mon, 18 Oct 2021 04:53:01 GMT
via: 1.1 google
last-modified: Mon, 18 Oct 2021 04:53:01 GMT
server: nginx/1.12.0
location: https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=HxsaYIc77m8zlQa07hsI7e&sds=1086
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/2016/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=45293897039323.63873156602812&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:ducMml9Hopf5gMbetHhoI1BG.xps...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=45293897039323.63873156602812&a=86&e=5EFC831F35FD6C612D0BE784022AF0C6&c=ss:86.up:5EFC831F35FD6C612D0BE784022AF0C6.sync:up.xdua:duc...
https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086
https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086&cc=1
https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMNfpUJZkRQcW9mUIf58BITQ==&c=pc:&i=19393d8f&rds=1086

49 B
603 B

60ms
60ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMNfpUJZkRQcW9mUIf58BITQ==&c=pc:&i=19393d8f&rds=1086

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 04:52:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 10
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Pragma: no-cache
Date: Mon, 18 Oct 2021 04:52:59 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMNfpUJZkRQcW9mUIf58BITQ==&c=pc:&i=19393d8f&rds=1086
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.sci-hub.shop
URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scihubtw.tw/	1970-01-20 06:47:48	Name: __ddg1 Value: k0m5jFzPHT9ZAjlgiOrH
.hkvisa.net/	1970-01-20 06:47:48	Name: __ddg1 Value: fscrpHPFgvvWAK1RruHB
.hkvisa.net/	1970-01-20 07:23:48	Name: __gads Value: ID=78a213b847746435-22ecf602f7ca00be:T=1634532776:RT=1634532776:S=ALNI_MZIMZD5c-itT4lRmOoZhnG2VhW1GA
.doubleclick.net/	1970-01-20 07:23:48	Name: IDE Value: AHWqTUkguUbG5-j6JdU9mBHrqWFomw8wuOM34HBXFg48X6jQSVG8w5iGFVoaixC3afk
.doubleclick.net/	1970-01-19 22:02:16	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 00:11:48	Name: d Value: EH0BCQHBJIEA
.quantserve.com/	1970-01-20 07:32:27	Name: mc Value: 616cfda9-8e35b-dc464-75a33
.rlcdn.com/	1970-01-20 06:47:48	Name: rlas3 Value: 9K8/Rr6//5VSou/SQzJvOePs59nM3FHDG5KcTJu7xkI=
.openx.net/	1970-01-20 06:47:48	Name: i Value: 39add94b-cd29-4e7a-bacb-aeb4e2bfedad\|1634532777
.casalemedia.com/	1970-01-20 00:11:48	Name: CMPS Value: 5229
.agkn.com/	1970-01-20 06:47:48	Name: u Value: C\|0CEAo_7opKP-6KQAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 06:47:48	Name: ab Value: 0001%3AQ3etJoLzmiCh0fZftPswAz9r%2BUqjzKAS
.rlcdn.com/	1970-01-19 23:28:36	Name: pxrc Value: CKn7s4sGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 06:47:48	Name: CMID Value: YWz9qf.jtOo49GOBjTxu0QAA
.casalemedia.com/	1970-01-20 00:11:48	Name: CMPRO Value: 1213
.casalemedia.com/	1970-01-19 22:03:39	Name: CMST Value: YWz9qWFs-akA
.pubmatic.com/	1970-01-19 22:03:39	Name: KTPCACOOKIE Value: YES
.innovid.com/	1970-01-20 00:11:48	Name: uuid Value: cd9ec310-5f1d-461c-8161-623ecce4bdad-20211018 00:52:57
.pubmatic.com/	1970-01-20 00:11:48	Name: KADUSERCOOKIE Value: B1C4B2F4-290F-42ED-81CF-87379AAC3EF2
.e.dlx.addthis.com/	1970-01-20 07:32:27	Name: na_tc Value: Y
.yadro.ru/	1970-01-20 06:47:20	Name: FTID Value: 1XRFsp1nNKOB1XRFsp0024Yl
.yadro.ru/	1970-01-20 06:47:20	Name: VID Value: 13VtL32ODSuB1XRFsp0024cy
.addthis.com/	1970-01-20 07:32:27	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-19 22:45:24	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 22:45:24	Name: na_sr Value: 20211018
.dlx.addthis.com/	1970-01-19 22:02:12	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 22:45:24	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 07:32:27	Name: na_id Value: 2021101804525700016426995468
.addthis.com/	1970-01-20 07:32:27	Name: uid Value: 616cfda97d813929
.addthis.com/	1970-01-20 07:32:27	Name: ouid Value: 616cfda900017e378e48b25602750c02ee2b4ac5a65caa404860
.rktch.com/	1970-01-19 22:45:24	Name: b_uid Value: 13af532a9e05968152bf33e4e85ec32eaff8
sci-hub.hkvisa.net/	1970-01-20 17:21:07	Name: _a_d3t6sf Value: ducMml9Hopf5gMbetHhoI1BG
.dmg.digitaltarget.ru/	1969-12-31 23:59:59	Name: visessid Value: 04ea71bc_17c808d59d5_00000000000123b1
.fnc.rt.ru/	1970-01-20 23:57:24	Name: viuserid Value: l6KOMKgq5R5a55555p0l
.fnc.rt.ru/	1969-12-31 23:59:59	Name: visessid Value: 3b41a47d_17c808f5fde_000000000002affe
.dmg.digitaltarget.ru/	1970-01-20 23:57:24	Name: viuserid Value: HgZ5mepoYP9QbZH7pWuL
.weborama.fr/	1970-01-20 07:33:53	Name: AFFICHE_W Value: FU8GsbAn1UYV16

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://sci-hub.hkvisa.net/ Message: Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.hkvisa.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20110914/zrt_lookup.html?fsb=1(Line 22) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3871649211505799656/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_push=AYg5qPK9GA69yV9gLzb8ipY0QXcB79hCeCANnucZaGlyBrNe07H7iZZk6BUNLa0EP7sWwsVFhKyy_197BKGvzqoa4cUNwx2aksOK6A&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWz9qf-jtOo49GOBjTxu0QAABL0AAAAB&google_cver=1&google_gid=CAESEHf0TJBGNiua7JnqyHyH3XA&google_push=AYg5qPJpQvn_W9fUXsMHMzQ0dA2mGQmeFxDJyOPJRkob_qjegr3jTL6Qk2XlCFMovcq2V0zju6KMwBnzjoDtuStAHIayAL4Eszsh Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://dmg.digitaltarget.ru/1/7250/i/i?i=45293897039323.429455627928358&c=tg:adcm_pc&q=scc Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fnc.rt.ru/1/6532/i/i?i=5flIDZi4kbd9VW57Woy.&c=tg:rds_6534&q=scc Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cm.p.altergeo.ru
cms.quantserve.com
counter.yadro.ru
d.agkn.com
dmg.digitaltarget.ru
e.dlx.addthis.com
fnc.rt.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
img.sci-hub.shop
kitbit.net
o69iay0p.gwhomo69iay0p.dev.sci-hgoogleub.scihubtw.tw
optinder.com
p1.ntvk1.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
redirect.frontend.weborama.fr
rtb.openx.net
sci-hub.hkvisa.net
share.pluso.ru
tag.digitaltarget.ru
tpc.googlesyndication.com
ut9.rktch.com
www.google.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
img.sci-hub.shop
104.111.215.191
138.201.139.144
142.250.185.98
18.184.251.131
185.15.175.137
185.15.175.145
185.15.175.146
185.178.208.151
185.178.208.158
185.64.190.78
216.58.212.130
2606:4700:3033::ac43:a162
2606:4700:3036::6815:15dc
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a02:6ea0:c700::11
2a05:d01c:1d8:8100:967a:cdf5:1598:ad44
31.131.252.91
31.131.252.94
35.190.16.14
35.227.252.103
35.244.174.68
69.173.144.139
79.137.69.120
88.212.201.204
89.108.97.2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0d9ba05cdfd2ec5efe4c2e922313d4442fc81d34cfd93c79cddf58cd37a75cc3
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14bc8c6eff7aca9cff2c297d576fe0566e9befe347431257b7c94630e194ac93
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1c385ca4734df5d7ea8c1ce955ceb91838068746a29c3824999e49bb15486456
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f160d83894db09b179bfc7c1485ec31c333e637ecafac143894cf46331db38e
32493126692eb974c168fa7b25fafadac136c39ca083cf4004a02f651e784039
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
3a20ec26bcb891126912150603437c6d73d190b2e924ff12e2cf4cf9ac92e78e
3af69bcb5355b495a3dc91c30f4dc6bf794ec382afa7ada72e5aefc360ac2191
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
58ee63f6a2cac68fbc59e0d20aaba073024cafcd159191cf7ae1d4ac4db64e5b
5ae4703be2710fe5cb8f7af6f60870f819ff7a0af3252835506257cba0912dc4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7d2c7d7fcd0bdbefd54e95f6e17fbab72d1180f20a6b8dc11a881e4d58ea64
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
64421d25a5587dc97889a1d23b45d0b9528aa87173250489309a658e20a36bba
6cee7af55eb16c591cfd08f5b6047dc5c3de91e17bdd345777395be63fe68acf
75fbbb28bb7aecd7c2cc06797dfcd1747a014e058c67ca8fe102af4e9ed53550
77de1a1b00ac331116f7aa733e701b7d7af3780b94f85d21485426ae2e0b1013
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
79944f08a4f7106be9c4738648d0b5d3d0cab091cdd60849928ac9d5d99ee1c4
7ce8fde1e19d45e140ba1f2e2756d7e564eb85c8888cc49547ee6a7cf87bc081
7e835c9e0e17ae32f44574dfb0e65b8f413268cc132729ff1342bc5a72adcedb
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
82ac8f104261c3157de398ab098d3408aae49c5585388a206f3537f57a10ba20
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8acf7e17996e24c7ecf0ce80241d34b2e4dd735daaab3ab8567bf1351bc35874
8cd013d7c23fd6fec01c6e599a5ce32d53275da53a0b057796d3570fe4efa486
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
8ed8383deb802055202735bd86f7b951b661e93fa119966f5f4ad0cc29e02685
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
95d3bbef25bfc950e279511e656b026843a1291c7ef1ea9ee8e543f146bf7d32
9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ecb912e3d60eed3050ca2825ff8dc7796d86154539d1c0c8a5d819430c5b9db
a0237d785ab8dc5e5f6675beca6a57ebdcfb547cb43b5f348da9573a1c7f0da8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5fe9bb3b706409658919155363759acaae6eb00caeb3287ceffba259610c6ec
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
af4348ff9083ccf2fcf63bbf27e0d80fc104b58727e5adfbaa87304984a124fa
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b5234ea5f903f0fbf504ca2b607d79070b173d3ba58f59096b769de038621929
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
bb763e54a989d127a27b78ae4d23290bccc467b8d527ebae3f24951d88a67847
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be8e26d3aa7edc729e6d7b8bfc5cbb995bfa55ebf1f7c500fe064349c85e9311
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c149d7326b56a7a566100bfc8bb6f80a1b577fc06cabb89c7728c519bf55fd65
c346e91c1a910088cb31d4e4c9f4669739b1e6484b59b9ebbea0777309c9792e
c3d3fd79f3bd5a5388144e95631112c09e06a035eb773af5a2621f0f4a33eec0
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d819f707bca2070637b5256597ca11e79fb8cbdd1b95fe3a2df5e19c86a51017
d9af6ab747e8cc77d7021c67bb2591fb87a67b26b436edb1bf0490ca0e54a7d9
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e1e71ed2eddc8da4f91d50d9a8b878a7a389c0e252d88947ad12123ce35bd04f
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3f519c9293a1331a38cbafdb6a2f11a089f961e5586077f64f05b60bdb948
ea5267ab8f48df1f085df89f320a63ffe30ae68c5b02d85ec0437e4cdcb6b7de
ee333f5bc6bbb0db6a46ae1d20b5ee330449b2354cda1ea7359a15ffdc204516
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20fc90fdb436886d306fffadf89a1c9cc848ddee8264057a8e2a81eeb82dea9
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
fb3f218c37dcf3f9505b069c7c9c82713efe12453658d49da82941154c3b57f9
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

sci-hub.hkvisa.net Open in urlscan Pro 185.178.208.158 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

95 %HTTPS

39 %IPv6

30 Domains

35 Subdomains

24 IPs

5 Countries

2261 kBTransfer

4620 kBSize

37 Cookies

4 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sci-hub.hkvisa.net Open in urlscan Pro
185.178.208.158 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

95 %
HTTPS

39 %
IPv6

30
Domains

35
Subdomains

24
IPs

5
Countries

2261 kB
Transfer

4620 kB
Size

37
Cookies

197 HTTP transactions
8 data transactions