sci-hub.mksa.top
2606:4700:3033::6815:35c2 Malicious Activity!

Go To Rescan
Add Verdict Report

Submitted URL:
http://sci-hub.mksa.top/
Effective URL:
https://sci-hub.mksa.top/
Submission: On June 07 via api (June 7th 2021, 8:34:32 pm UTC) from NL

Summary HTTP 126 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 32 domains to perform 126 HTTP transactions. The main IP is 2606:4700:3033::6815:35c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.mksa.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 3rd 2021. Valid for: a year.

This is the only time sci-hub.mksa.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3033::6815:35c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3034::6815:9e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
4	31.131.252.90 31.131.252.90	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
3	31.131.252.94 31.131.252.94	49505 (SELECTEL) (SELECTEL)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
7 12	185.15.175.157 185.15.175.157	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2606:4700:303... 2606:4700:3036::6815:15dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	185.15.175.137 185.15.175.137	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	87.240.137.158 87.240.137.158	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
1 2	172.217.16.102 172.217.16.102	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	52.85.170.90 52.85.170.90	16509 (AMAZON-02) (AMAZON-02)
1	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	34.253.75.69 34.253.75.69	16509 (AMAZON-02) (AMAZON-02)
1	13.225.74.7 13.225.74.7	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2013	15169 (GOOGLE) (GOOGLE)
126	45

2 2606:4700:3033::6815:35c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sci-hub.mksa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3034::6815:9e6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.131.252.90 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.131.252.94 (Russian Federation)

ASN49505 (SELECTEL, RU)

kitbit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.15.175.157 (Russian Federation) 7 redirects

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 (^_^)/, GB)

p1.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:15dc (United States)

ASN13335 (CLOUDFLARENET, US)

optinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.137 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

fnc.rt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.137.158 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv158-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.45 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Bad Schwalbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: prg02s12-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.170.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-170-90.bud50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.75.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.74.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-7.fra2.r.cloudfront.net

analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	122 KB
23	doubleclick.net 7 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net 5994599.fls.doubleclick.net	182 KB
21	sci-hub.shop img.sci-hub.shop	576 KB
12	digitaltarget.ru 7 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	26 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net hal900015.redintelligence.net	60 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com	6 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
5	google.com adservice.google.com www.google.com	990 B
4	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
4	webgains.com track.webgains.com diapi.webgains.com	13 KB
4	pluso.ru share.pluso.ru	27 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	kitbit.net kitbit.net	2 KB
2	m-t.io w-it.m-t.io	323 B
2	gstatic.com fonts.gstatic.com	32 KB
2	medialead.de 2 redirects pv.medialead.de medialead.de	2 KB
2	vk.com vk.com	890 B
2	rt.ru 2 redirects fnc.rt.ru	1 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	67 KB
2	mksa.top 1 redirects sci-hub.mksa.top	7 KB
1	googleapis.com fonts.googleapis.com	757 B
1	awin1.com www.awin1.com	702 B
1	ad-server.eu ad-server.eu	312 B
1	office-partner.de adv.office-partner.de	1 KB
1	media01.eu pb.media01.eu	226 B
1	2mdn.net s0.2mdn.net	60 KB
1	rktch.com ut9.rktch.com	88 B
1	optinder.com optinder.com	299 B
1	ntvk1.ru 1 redirects p1.ntvk1.ru	380 B
1	google.de adservice.google.de	165 B
126	32

	Domain	Requested by
21	img.sci-hub.shop	sci-hub.mksa.top
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	dmg.digitaltarget.ru	7 redirects
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	securepubads.g.doubleclick.net	sci-hub.mksa.top securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	hal900015.redintelligence.net	1 redirects 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com hal900015.redintelligence.net
4	hal9000.redintelligence.net	2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com hal900015.redintelligence.net
4	googleads.g.doubleclick.net	2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com sci-hub.mksa.top
4	share.pluso.ru	img.sci-hub.shop sci-hub.mksa.top
3	track.webgains.com	sci-hub.mksa.top 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com analytics.webgains.io
3	www.google.com	2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com tpc.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
3	tag.digitaltarget.ru	kitbit.net tag.digitaltarget.ru
3	kitbit.net	img.sci-hub.shop kitbit.net
3	2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	w-it.m-t.io	analytics-wg.webgains.io
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	5994599.fls.doubleclick.net	1 redirects sci-hub.mksa.top
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	vk.com
2	fnc.rt.ru	2 redirects
2	counter.yadro.ru	1 redirects
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	sci-hub.mksa.top adv.office-partner.de
2	sci-hub.mksa.top	1 redirects
1	analytics-wg.webgains.io	analytics.webgains.io
1	diapi.webgains.com	track.webgains.com
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal900015.redintelligence.net
1	www.awin1.com	2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
1	ad-server.eu	2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	adv.office-partner.de	hal900015.redintelligence.net
1	pb.media01.eu	hal900015.redintelligence.net
1	pv.medialead.de	1 redirects
1	s0.2mdn.net	2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
1	ut9.rktch.com
1	optinder.com
1	p1.ntvk1.ru	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	securepubads.g.doubleclick.net
126	46

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
mksa.top Cloudflare Inc ECC CA-3	`2021-03-03` - `2022-03-02`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.pluso.ru R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.kitbit.net Let's Encrypt Authority X3	`2018-11-05` - `2019-02-03`	3 months	crt.sh
tag.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
ut9.rktch.com R3	`2021-04-19` - `2021-07-18`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
adv.office-partner.de R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
ad-server.eu R3	`2021-04-19` - `2021-07-18`	3 months	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-04-09` - `2021-07-09`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://sci-hub.mksa.top/
Frame ID: AA811B7DB6A47F1ED0971EDD085CA95C
Requests: 57 HTTP requests in this frame

Frame: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C79A739FF8D10FDF48275E0D2D155A6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGMaI76MBMAE&v=APEucNWVRVSPfgVwWw9HE7gszaHSmTpx7kAsJGduu6I86YD69JL9GWNz5iXUFfgFlitrjvzmUBAegXMCcwJrtfzuWvEcCcMY7F1wso9ggruw9Po0HeXlJlcWNP_UBlQk7rkYUyMm_7lCIVhoKQbjn68b9DjfzBAXqHzTDJYI8gfIVHQX95_mOMA
Frame ID: 7E4480F512D143D349620971F29D9A04
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 71B1DCF5FF1280141BDC5AF969CDA6B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE7ED1F78986F4E79E42E73A7F6B8DD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8A2EE681ED443927624032B285DDE856
Requests: 3 HTTP requests in this frame

Frame: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 08E0089744A57277380B33DCDBB89EA7
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYnMXFlQEwAQ&v=APEucNU96AHS-HJck7NsGkRziZwMzXiQjPY1bmDeenIltndM17sg5vhMuMhsV3tlNRzmoJaCjlT1vxXDQgubDob_KDdJ9RNORgceiEWugkFIq6teYPdJNe1xwhDl_0fMliHwbPM_ox09l0iRDI3bNgl_L7U4RH5v2CSxu_F9xprBjUEz4zf4fuc
Frame ID: 1B8D34808367BA17B14C9D592AB42168
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7A7D41618E357A4AA298588189069574
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85539600249657601084702011618015&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 0600210D6944EBAD9AD2DA62268D7598
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 08AC1D50C8B3506B617332A59A620CB5
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSIzcGvhvECFd1R4AodG-sNEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3414726320924.8057
Frame ID: 1938A3F7DD5BEB62D1699D83F767CBE3
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=85539600249657601084702011618015&a=c1cfabf0
Frame ID: 7CCA964C0F0A6F2EBEE688A9CD914671
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sci-hub.mksa.top/ HTTP 301
https://sci-hub.mksa.top/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

126
Requests

97 %
HTTPS

48 %
IPv6

32
Domains

46
Subdomains

45
IPs

8
Countries

1403 kB
Transfer

2575 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sci-hub.mksa.top/ HTTP 301
https://sci-hub.mksa.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1

Request Chain 44

https://p1.ntvk1.ru/nps HTTP 302
https://optinder.com/cro

Request Chain 48

https://dmg.digitaltarget.ru/1/7150/i/i?i=865624827357049.631841819649166&c=tg:adcm_pc HTTP 302
https://dmg.digitaltarget.ru/1/7150/i/i?i=865624827357049.631841819649166&c=tg:adcm_pc&q=scc

Request Chain 49

https://dmg.digitaltarget.ru/1/6534/i/i?i=865624827357049.477936270970351&c=tg:adcm_pc HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=865624827357049.477936270970351&c=tg:adcm_pc HTTP 307
https://fnc.rt.ru/1/6532/i/i?i=kwAQp0QX2.9H0.B7K-Oa&c=tg:rds_6534 HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=kwAQp0QX2.9H0.B7K-Oa&c=tg:rds_6534&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/6533/i/i?i=9290001618453761833000000003196525&a=774&e=4CSiCZmoi5lo5555Kv31

Request Chain 50

https://dmg.digitaltarget.ru/1/1086/i/i?i=865624827357049.630272076904123&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:duK9oNDqyNz5F_9yieOtequa.xps:xpsqcCM_UuBQA5nWtA0fR7mz7.xga:GA1_2_293425667_1623098074.xgid:GA1_2_358482854_1623098074.dn:sci_hub__mksa__top.dn:mksa__top.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=865624827357049.630272076904123&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:duK9oNDqyNz5F_9yieOtequa.xps:xpsqcCM_UuBQA5nWtA0fR7mz7.xga:GA1_2_293425667_1623098074.xgid:GA1_2_358482854_1623098074.dn:sci_hub__mksa__top.dn:mksa__top.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://vk.com/rtrg?p=VK-RTRG-956930-7bGhv

Request Chain 51

https://dmg.digitaltarget.ru/1/1086/i/i?i=865624827357049.453282498359407&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:duK9oNDqyNz5F_9yieOtequa.xps:xpsqcCM_UuBQA5nWtA0fR7mz7.xga:GA1_2_293425667_1623098074.xgid:GA1_2_358482854_1623098074.dn:sci_hub__mksa__top.dn:mksa__top.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=865624827357049.453282498359407&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:duK9oNDqyNz5F_9yieOtequa.xps:xpsqcCM_UuBQA5nWtA0fR7mz7.xga:GA1_2_293425667_1623098074.xgid:GA1_2_358482854_1623098074.dn:sci_hub__mksa__top.dn:mksa__top.adcm:hit.tg:adcmjs_noorient HTTP 307
https://vk.com/rtrg?p=VK-RTRG-956929-3Z9uy

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdluvVF5e7K24VM72SkczQ&google_cver=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL6C2sBwKAFrz9TrFP6x7gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGPxPjDhNJcK_FxCaoyVxuw&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPcacMbkd-ZN7NyYbFvlG3w&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MjY3OTg1NjM2NzkyMDM5NA%3D%3D

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGPxPjDhNJcK_FxCaoyVxuw&google_cver=1

Request Chain 90

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YL6C2sBwKAFrz9TrFP6x7gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGPxPjDhNJcK_FxCaoyVxuw&google_cver=1

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELmLVmwToNGH7JHfWZSFz5E&google_cver=1

Request Chain 92

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1MjY3OTg1NjM2NzkyMDM5NA%3D%3D

Request Chain 98

https://hal900015.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=82f416ecaa&subid=&uid=190189042a0f0f26&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEowJ2oK-YPOiGpH8gAeatbnwCbXN-YNXzM-5q-UM8C4QASC0o-5-YJWCgICwB8gBCakCH2RgFXJ1tD6oAwGqBOQBT9AcfCqGHuMqd5N7JCc8RxJ2hM_LBqoIziz-aRKZQ38noFOXFxp63VPzfG5Gu8Q-TQbGeMJDMhhYrH_4YqWPi5THVWiMOjKhntA8i35wGtrE-hz8AjYUcl4-YuCiHw0_mwLjcJZn6_-biAy1jyQ3Xi6Pmt85Nf5EeUywfYmn-Ac-2d1q1WBPSu3h3xr78Hy9zS1JBYBfHquV3cLFl01AqXBGDV7sO_dveVCBSMrFgybzJXE8hyx0_AAwemq9cxc2TV0sqd_kCLjPt3i4P8d8kxXRH6RFsbsN6m00TRLHKXd9fWXMwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoJFyIlsAt_cooF0xrmB_P4CVOY0E7WTOO-95iA_SCRTMOmJuVZm94dULDYnVYeLrrEZkFOoh-EIT0VKs%26sig%3DAOD64_02znWbDD_Wuby-6NY0og2z3MPcOQ%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-DzBfFR6hIzi8RiGxgH8b_q5ap-4cyW3HKBgvsGG9NsqGRIJHnENnjKYiLfww09yys-oOGeJwzKidhEPbeyLhe-QSOtecGRRPvPGZBGyCGBHWo7VFx4H4ZtIcnZMhFpAU2Xc7T8ayeZdt-KS6EST2vXWHPepw%26cry%3D1%26dbm_d%3DAKAmf-DQn6UwLd5krXEwBiSdyqK6NrLZbWXvxsieSwYBZ6ZcA9MQ3XyKwvZnqhCtjkMFUt_63br1kI8Dd3pZldiWtnI9nOupq3NXQn2KCkrRzjIkQg3sdtyMC7q8Riu7vqrSoPr2dO2HnUQx2J44AQYhSjQOrkgpkBbQqikGSavfawlDLblkrqLq_Lc7B7pSWEuWWpmaFLpYqU9dbiMaJNdMJizPr5Wog6la_1PmefzhQQCFxeR9-8ni3o2jxqoJDAf9VdYg7Vrq-P2tOfplVIAfuFLrWTNWgh1rFo5uvBEYuFuKIQmFwKfUpWnBbh_3oLmtoKzZZlP-0e2BFBPeBERbCx5UkNazAbJWjFEN74_BuWZvGuP5gdkuAuEkrUUJnluDo3Ffv93J59g8axCy2eUoSRcVxTC2jR-oFlraz-IbQvyK_npuUlRXyFLSx4ywOzWCKgrPJ4W-%26adurl%3D&documentReferer=https%3A%2F%2Fsci-hub.mksa.top%2F&ancestorOrigins=https%3A%2F%2Fsci-hub.mksa.top&random=3744579632357&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=j7guwu45m6py&nw=20&renderingType=javascript&namespace=82f416ecaa&subid=&uid=190189042a0f0f26&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEowJ2oK-YPOiGpH8gAeatbnwCbXN-YNXzM-5q-UM8C4QASC0o-5-YJWCgICwB8gBCakCH2RgFXJ1tD6oAwGqBOQBT9AcfCqGHuMqd5N7JCc8RxJ2hM_LBqoIziz-aRKZQ38noFOXFxp63VPzfG5Gu8Q-TQbGeMJDMhhYrH_4YqWPi5THVWiMOjKhntA8i35wGtrE-hz8AjYUcl4-YuCiHw0_mwLjcJZn6_-biAy1jyQ3Xi6Pmt85Nf5EeUywfYmn-Ac-2d1q1WBPSu3h3xr78Hy9zS1JBYBfHquV3cLFl01AqXBGDV7sO_dveVCBSMrFgybzJXE8hyx0_AAwemq9cxc2TV0sqd_kCLjPt3i4P8d8kxXRH6RFsbsN6m00TRLHKXd9fWXMwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoJFyIlsAt_cooF0xrmB_P4CVOY0E7WTOO-95iA_SCRTMOmJuVZm94dULDYnVYeLrrEZkFOoh-EIT0VKs%26sig%3DAOD64_02znWbDD_Wuby-6NY0og2z3MPcOQ%26client%3Dca-pub-7015235120915769%26dbm_c%3DAKAmf-DzBfFR6hIzi8RiGxgH8b_q5ap-4cyW3HKBgvsGG9NsqGRIJHnENnjKYiLfww09yys-oOGeJwzKidhEPbeyLhe-QSOtecGRRPvPGZBGyCGBHWo7VFx4H4ZtIcnZMhFpAU2Xc7T8ayeZdt-KS6EST2vXWHPepw%26cry%3D1%26dbm_d%3DAKAmf-DQn6UwLd5krXEwBiSdyqK6NrLZbWXvxsieSwYBZ6ZcA9MQ3XyKwvZnqhCtjkMFUt_63br1kI8Dd3pZldiWtnI9nOupq3NXQn2KCkrRzjIkQg3sdtyMC7q8Riu7vqrSoPr2dO2HnUQx2J44AQYhSjQOrkgpkBbQqikGSavfawlDLblkrqLq_Lc7B7pSWEuWWpmaFLpYqU9dbiMaJNdMJizPr5Wog6la_1PmefzhQQCFxeR9-8ni3o2jxqoJDAf9VdYg7Vrq-P2tOfplVIAfuFLrWTNWgh1rFo5uvBEYuFuKIQmFwKfUpWnBbh_3oLmtoKzZZlP-0e2BFBPeBERbCx5UkNazAbJWjFEN74_BuWZvGuP5gdkuAuEkrUUJnluDo3Ffv93J59g8axCy2eUoSRcVxTC2jR-oFlraz-IbQvyK_npuUlRXyFLSx4ywOzWCKgrPJ4W-%26adurl%3D&documentReferer=https%3A%2F%2Fsci-hub.mksa.top%2F&ancestorOrigins=https%3A%2F%2Fsci-hub.mksa.top&random=3744579632357&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1

Request Chain 100

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=85539600249657601084702011618015&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85539600249657601084702011618015&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 103

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3414726320924.8057 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSIzcGvhvECFd1R4AodG-sNEA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3414726320924.8057

Request Chain 105

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=85539600249657601084702011618015 HTTP 301
https://ad-server.eu/wm/pb/native.png

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sci-hub.mksa.top/
Redirect Chain

http://sci-hub.mksa.top/
https://sci-hub.mksa.top/

29 KB
6 KB

319ms
319ms

Document
text/html

2606:4700:3033::6815:35c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hub.mksa.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:35c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84b5229d1afc0962f11d27c8875317a0d92da419a5e6e2cf0ad02934e6f943ab

Request headers

:method: GET
:authority: sci-hub.mksa.top
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
expires: Tue, 08 Jun 2021 08:34:33 GMT
cache-control: max-age=43200 no-cache
x-cache: MISS MISS
cf-cache-status: DYNAMIC
cf-request-id: 0a89c837a10000bea629162000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ncdti5YIpTemuQFJP3xcN5k83r%2F6giKIRGMkrLOaP7x1HZAgm0JrtiBoiOOqTMQWhnIXI%2Frvck2kOquNauUq6iMYP%2BLttdodqOQ24IbXzWMM7d910AKAvpeklDZ04I%2Fsis2Nz5UqDRCXIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65bca96c3f78bea6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Mon, 07 Jun 2021 20:34:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 07 Jun 2021 21:34:32 GMT
Location: https://sci-hub.mksa.top/
cf-request-id: 0a89c837900000c2865a8a2000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zBzjpkdbK8ogEUICFY0DWxYdPP%2FCc01FexjWJiyjjjZhxw1ha3Hdp9M9DBkEMCUMceID7MkV7p6hGeTsEIaFMytxXrf%2Bd3WLZ2wehmOEzIhzRNpuSwttMUH%2FvJEIkekJrf%2FH%2FwINnxdKog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 65bca96c1b7cc286-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
29 KB 19ms
18ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219637
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a89c838e600004a6ed91d2000000001
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
server: cloudflare
etag: W/"5c00bb7c-152b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kPaR6UAwo7Yb5Nutk%2FjDJtQCjHUGxTJOXs6jEdkt4AsoVZWP5GIHp959q1AMWgMvQfBTCla1hrf%2FKt6%2BbXg8jjBxB3iXYGnxWRtqEbhCtRqMStdXQQX71udzHxFHsJHoDXosi8UGsihkOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 65bca96e3c884a6e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
63 KB 44ms
43ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219637
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a89c838e600004a6e91213000000001
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
server: cloudflare
etag: W/"5c13665c-3dee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=n72Q344kRZVLzuGZxtoFjm66G0WyM5e6PSNJn4xJGZ2fTwE4ZnX%2B0YjCVQ5koDRfeEHLQC%2FomwepMD0qWqcJkL6sH8r6tZ3lOvjHmg3dsyzcOwB1XlHIz%2Fu8NF5L6Wkj%2BTEGEItRCnPVmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 65bca96e3c8f4a6e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
22 KB 20ms
20ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219637
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a89c838e700004a6eb0b5b000000001
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
server: cloudflare
etag: W/"5c00bb8c-1798d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pPYLe4a6C%2B46X%2BUm67W%2BxcHh8UDGrjiGFYBTv%2FKfYyJbg%2FrcvoNaEybGH3goXjXedacDod6zJUR6Yd8pZOhYb%2BShbEx%2BYHgDcSHkx9XMnKXj9sJDwFqGXdDfXFvwzLfVu0wr8spJJrrLFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 65bca96e3c914a6e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 29ms
28ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219637
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22275
cf-request-id: 0a89c8390600000eaf9402a000000001
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FggtaSTrgoQMVwsNLVbPJ0fuS1%2F3Qwm%2FZuF2oIJlSaSTHtObNttObYw9BMGj7eaRKxBky0h8TnHeC9MtKBy22j878DfIOdmsxYAtgQRDyFxaa2WdMFfPKVbabxydWF7hlCiZ3DOl5frPqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96e6ae20eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 19ms
19ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219637
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8428
cf-request-id: 0a89c8391b00000eafb9a0d000000001
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SoDl9gTsjuP3EU5M4Vdy2T3RjoVuobZKx7t3JtdvYdWRB%2Fzx1yh6pKQJdaU3rjOIjK4mu7L1BT9LeIPu3E1U%2BcHP9Oa5McfYzK8qe8ncPKdfGDNSa7Em043sxOyZCb8rintDAlbETybA%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96e9b370eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 17ms
17ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

835d6c1d667569e9f4c90d0825ed50e62f92301d6d060dc7d5f6205c953343a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "896 / 646 of 1000 / last-modified: 1623064273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21372
x-xss-protection: 0
expires: Mon, 07 Jun 2021 20:34:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193456449-1

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c90f522c3f8acecf9e43b20d0e103bf2da90fb1566da76ba0e5cac6dd89653c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35963
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:48:33 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Jun 2021 20:34:33 GMT

GET
H3-29 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 29ms
28ms Image
image/jpeg 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 188646
cf-request-id: 0a89c8392800000eafc52ba000000001
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UdqeohMtxIYlyCa3Vx8pRtUngMNKtaS0rXmhC1g%2BHZmXOTWheUV%2BP868YgrrDKadrXPYEE9%2BL8H2VpVcglXREs2zCxO%2BvA6eyVedK3Yiig8flMZPZEI4fTEWNH%2Fh5nchHy0x7TmKzbIQpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eab630eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 28ms
25ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14556
cf-request-id: 0a89c8393800000eaf5c90b000000001
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CT%2BFuf7w6TeQnRsuKePnwsE4Y2saNtFT9BIvYWWDTU%2BKePVU8t5kfg61p%2BchiLBngvpUggkLwyWuIG3NRVUEt0l%2BH4nxFsV0%2F2xxvsD2cow9TtuBetL2K0azOykrkHZ7gi%2FtNENioYZZRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96ebb860eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 28ms
26ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 60144
cf-request-id: 0a89c8393a00000eaf96a65000000001
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E89ZHDc5zxNMlQG6i1j2IU0E4HoyyV35Eh5AGbOnyjQGcJzP1gj%2B4jZ5VFkyCkjOB0EZgamPtQ09lsyjfg%2BnIpuZ5uwpzUmsHsfxbS5FXGb0D5ndu46%2B9ftsnQxBt83PGBj0y7R6ZqxX6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96ebbac0eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 33ms
31ms Image
image/jpeg 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 55605
cf-request-id: 0a89c8393b00000eaf5a13e000000001
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pWaOyK6S2gJE6Sck3JU4YqfhrmAyY59Z4VikrjsjUC%2FPXVBidYtqorg%2Bj0P%2FfXHTLDeOQO5ih6Va7pYYxQc152pSub6zvpGUh3AnSaYtn%2Fpd%2B3xGvqeCeVneazRvddTVjejrbkILMHpQkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96ebbb40eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 34ms
31ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3361
cf-request-id: 0a89c8393c00000eafd4100000000001
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DknfPP2qgvB9aABmKDLupIDg3RbyZm%2B2GUbNmXomq%2BTdvSAPmHv%2BshmhPafgycEPJjltZWH1O0JA%2FNAc0AZGjXxhSaYsBPEPzxpe%2Bzrsauq8t57SXp%2F6n6CCwgnHoqT3e0lLpXHV2D2VZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96ebbb90eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3-29 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 36ms
35ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1068
cf-request-id: 0a89c8394c00000eaf60077000000001
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=03kfNC19ZjqIvvymec9OMTDX4O0ZMnqVg4xxS5FPiklDTZnPHRczsA2R%2B6HLJv4CLWJMicDgXf7Hz09%2BuKoIuU56S1qtU4YCHmPX4cLH1126aNKzoUNzRCVNWwNLIQhxb1BXUue%2BJfGJCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96edbef0eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 31ms
30ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1087
cf-request-id: 0a89c8394d00000eafb9a11000000001
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4LpQK98M3zXmOHNOS%2BeZ9vM%2BMbvQ5Sq%2BWsplLKGkxVvQ8GH57bHO92kDhi8eWW4xcSIxZdp90ZQOCaAIsDGMCyA4HjkBFG86WUBaqCujd8GmIW52QelVTF0%2FRUXULvgxT6QLgag%2Bf84o5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96edbf20eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 19ms
14ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1637
cf-request-id: 0a89c8395100000eafc52be000000001
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M%2FJfiPyVn4rSsIcXTExmXJgC0XUZ1pT1sBez%2FzwHBDIDpY368XDMAAFFJCdJrYAj5adYvcGwwU%2BiV6RzcJHJZ4coAN%2BtXhu0UcLbYxv4m0XdDsgrHDtVEBfILAuOzA%2Byy2cDhyxx6QgY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec020eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 21ms
17ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3907
cf-request-id: 0a89c8395200000eafb80fe000000001
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hRXxGVghNcYgg3GO3W98Ytbq4Bx%2FzB8hqleJoc02Y58Kelan8Z8Lr39GOTOTxZu6W7%2BMeCHo%2BLNohrWApExXquV%2FWtwGrA%2B8RQLOPoiwimgs302hivO22HQVWn0TP%2Boi6%2Fy1f3%2FVY8T3NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec0b0eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 24ms
19ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4278
cf-request-id: 0a89c8395200000eafa9be9000000001
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PoQDmpVedNE6Up%2FjGX8AjKN9zB6L3dZVbtUkBCd95LjffDxrYI7vOu7LOiXtOxk%2FHsaY3ZBI8WZPk3zcsGj8hIzazwyzuw8IncB9NgprgHSrHTNC4HvDDjMP2DAndyLGSQuvor%2Bym6IJig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec0c0eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 21ms
17ms Image
image/jpeg 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 51212
cf-request-id: 0a89c8395300000eaf8f03b000000001
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ymzH%2F8iqRhWcsc9LkrhOvf0kqKF0zD4waFW0NI1TmgK0fDM8uTjD1CxhuxlvYpxc4RsTlHknv2e82RdjBHjGve03Y9qPNnKItAQi%2FWrqnrBHStRhi864RtvgIE0zI9pHDcxelKLm6PSf8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec0f0eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 25ms
22ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6197
cf-request-id: 0a89c8395400000eaf9f2f4000000001
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Fnjz3Dp2b%2FzRcWCqlMVghhJinyTh0F3DOskJ4HIwp7GPjLRue%2BxG0FPIGGUH36ul4cmkSPoSYJh8vChUUsjjLSCnkENga0CFcMi6JH2sB3HBiqn1fbpFYUY0ZdWasCq9TqM%2BDq7iKe4nKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec110eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 19ms
16ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17834
cf-request-id: 0a89c8395400000eafd4103000000001
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9cyYFuwISBRKqVcpe3L%2FBeIvxs0AKzvR7orKj6FE%2BJLE2dLo0tKYD9tmzEn6KG64SbP82rHj1FdoKciRrw3ezR9JKWyIYfSGBeeT5orlQd%2BHrteWqTDfRlNy5ioyGJWx2R1Ans5t8GrTZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec130eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 21ms
18ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5751
cf-request-id: 0a89c8395500000eaf94031000000001
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c2KVSM61Fufh7FMQxX%2F%2BUiGcoFjMkuGS5kqJNQ0udImVPrbJ3kwqRqoNqL3ozBXWdv4%2FfG18E1nfiFPRBpew8CWL4nj7OffdtrHL61Ue4q9fiDcGKo5UWpJW6BrO0BAFmcGz%2BxtmP2jeYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec150eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 21ms
18ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4152
cf-request-id: 0a89c8395600000eaf8fb71000000001
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cfCcgykPgGOQQN2imIvx4ULtCBUgSlizbwI31AHfvcXlSL1Bv39Tr0VWuVycvjB2xrra9427KvQ%2Fp%2Fa3RA6aZFrtg8o7kMa83xdeWg4RpeP%2Fkyf8oD05n00dKNGphIZ8Eamb%2Fy25vYehDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 65bca96eec190eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
12 KB 16ms
16ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 219636
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0a89c8396c00000eafca1e2000000001
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
server: cloudflare
etag: W/"5c00bef8-a5cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bFkzAqDp4YJgltFzCL5SIyN5rovzT9vjRmVIGNaGnKbv92Gag3y84DO%2F3UTSuaOETFWHY%2FImrRh27IFuq2K4ohWfOin5DnHIWK28ThGjHBGrWeF5MsZLEkS3DqmVzQ2Pcfazjw7yfMROPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 65bca96f1c700eaf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
109 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Mon, 07 Jun 2021 20:34:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193456449-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4990
date: Mon, 07 Jun 2021 19:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 07 Jun 2021 21:11:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sci-hub.mksa.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.mksa.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 732ms
732ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057058254487210&correlator=2214176765351140&output=ldjh&impl=fifs&eid=31061161%2C31061200%2C44744016&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2C970X90-01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1623098073&dt=1623098073542&dlt=1623098073313&idt=209&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=900&adks=1836978441&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=970x-1&ga_vid=293425667.1623098074&ga_sid=1623098074&ga_hid=390203769&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

68e8d267cd084a9a4940cba6eb965226cfa560dd7c6edf2d8dc5d6c15d315be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7595
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sci-hub.mksa.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 79ms
52ms Other
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1165ms
1163ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057058254487210&correlator=2214176765351140&output=ldjh&impl=fifs&eid=31061161%2C31061200%2C44744016&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2C336X280-01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1623098073&dt=1623098073547&dlt=1623098073313&idt=209&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=1552&adks=2992418410&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=528x334&msz=336x-1&ga_vid=293425667.1623098074&ga_sid=1623098074&ga_hid=390203769&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e706c6de3219ca30b463ffbd4914bc59dcd1eb577d79c7fe2965c4a6ad28e8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8659
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sci-hub.mksa.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 478 B
297 B 884ms
883ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057058254487210&correlator=2214176765351140&output=ldjh&impl=fifs&eid=31061161%2C31061200%2C44744016&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2Czsy-01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1623098073&dt=1623098073549&dlt=1623098073313&idt=209&frm=20&biw=1600&bih=1200&oid=3&adxs=426&adys=2192&adks=1528813087&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=748x120&msz=0x0&ga_vid=293425667.1623098074&ga_sid=1623098074&ga_hid=390203769&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

207ab8d8da412a28ff752763312b01c3a43f951e6b9219e5279bed767a34cc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sci-hub.mksa.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 477 B
293 B 1250ms
1249ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3057058254487210&correlator=2214176765351140&output=ldjh&impl=fifs&eid=31061161%2C31061200%2C44744016&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210607&iu_parts=22149012983%2Cycykh-ndd%2Czsy-youtu01-sci-hub.mksa-ndd-ycykh&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&cookie_enabled=1&bc=31&abxe=1&lmt=1623098073&dt=1623098073551&dlt=1623098073313&idt=209&frm=20&biw=1600&bih=1200&oid=3&adxs=430&adys=2192&adks=3809152490&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=748x120&msz=0x0&ga_vid=293425667.1623098074&ga_sid=1623098074&ga_hid=390203769&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d7e8dcc9861ad3a813b2197d90c538aa70f14ddc9b1ce5652cdcedf04a75b978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sci-hub.mksa.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=390203769&t=pageview&_s=1&dl=https%3A%2F%2Fsci-hub.mksa.top%2F&ul=en-us&de=UTF-8&dt=Sci-Hub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=867840565&gjid=1255136448&cid=293425667.1623098074&tid=UA-193456449-1&_gid=358482854.1623098074&_r=1&gtm=2ou621&z=1876206377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 20:34:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sci-hub.mksa.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 119 B
590 B 161ms
55ms Script
application/javascript 31.131.252.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=OzvWCw1o4tKvdwZb&first=1

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

bdd4003804f6ce8052531178f70d642ad8fdc912033665ecc0b38163acd16b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Thu, 10 Jun 2021 20:34:33 GMT

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 119 B
590 B 167ms
58ms Script
application/javascript 31.131.252.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=lDdExd0cK9Dpbnc9

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

bdd4003804f6ce8052531178f70d642ad8fdc912033665ecc0b38163acd16b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Thu, 10 Jun 2021 20:34:33 GMT

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1

43 B
496 B

49ms
48ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Jun 2021 20:34:33 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Jun 2021 20:34:33 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 06 Jun 2020 21:00:00 GMT

GET
H/1.1 200
OK 06.png
share.pluso.ru/img/pluso-like/square/medium/ 23 KB
23 KB 230ms
113ms Image
image/png 31.131.252.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/pluso-like/square/medium/06.png

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-5b8f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 23439
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 176ms
59ms Image
image/png 31.131.252.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/plus.png

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK kb.js Show response
kitbit.net/ 1 KB
2 KB 171ms
54ms Script
application/javascript 31.131.252.94
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/kb.js

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

f9d5c80f0dc11db48852a36ee5b84381d1f70d2caeaa758ded319fa091994c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:33:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmC+gnyESQsqThaVAg==
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=21600, private
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Tue, 08 Jun 2021 02:33:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-193456449-1&cid=293425667.1623098074&jid=867840565&gjid=1255136448&_gid=358482854.1623098074&_u=YAhAAUAAAAAAAC~&z=923642525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Jun 2021 20:34:33 GMT
content-type: text/plain
access-control-allow-origin: https://sci-hub.mksa.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ 3 KB
3 KB 45ms
45ms Script
application/javascript 185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
Last-Modified: Thu, 13 May 2021 10:40:41 GMT
Server: nginx
ETag: "609d0229-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H/1.1 200
OK s.js Show response
kitbit.net/ 1 B
303 B 56ms
56ms Script
application/javascript 31.131.252.94
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/s.js?u=https%3A%2F%2Fsci-hub.mksa.top%2F

Requested by

Host: kitbit.net
URL: https://kitbit.net/kb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:33:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 07 Jun 2021 20:32:59 GMT

GET
H/1.1 200
OK h.gif
kitbit.net/ 43 B
537 B 112ms
54ms Image
image/gif 31.131.252.94
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//sci-hub.mksa.top/&h=Sci-Hub%26kbuid%3D5EFC831F7C82BE602A0B49840295164E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:33:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmC+gnyESQsqThaYAg==
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 07 Jun 2021 20:33:00 GMT

GET
H2

200

cro
optinder.com/
Redirect Chain

https://p1.ntvk1.ru/nps
https://optinder.com/cro

0
299 B

45ms
44ms

Image
application/octet-stream

2606:4700:3036::6815:15dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optinder.com/cro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:15dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:33 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eFsyh%2BlPjwUA0DdX5QSV0yi6ClOoDY4ZBzH5Plf9u78JrPBoI0cQI%2F4mKV3tPIOHLAglO8lL801%2FP8SC8XtzxK%2Fy62gmPvWTEwktLrisoL6sJZEVSh5IRzc2jqzZHJXurn73tDKR"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cf-ray: 65bca9714c244a62-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0a89c83acf00004a625f1e9000000001

Redirect headers

x-77-nzt: Abk73BCjofaB
date: Mon, 07 Jun 2021 20:34:33 GMT
last-modified: Mon, 07 Jun 2021 20:34:32 GMT
server: CDN77-Turbo
x-77-nzt-ray: w3ZuDImehAQ=
x-77-cache: MISS
content-type: text/html; charset=UTF-8
location: //optinder.com/cro
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
x-cache: MISS
x-77-pop: frankfurtDE
content-length: 0
x-request-id: 1231985308-4-1623098073.776
expires: Mon, 07 Jun 2021 20:34:32 GMT

GET
H/1.1 200
OK sud
ut9.rktch.com/ 88 B
88 B 143ms
48ms Image
image/png 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut9.rktch.com/sud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 88
Content-Type: image/png

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ 15 KB
16 KB 47ms
46ms Script
application/javascript 185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=905789746809185
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5a0da3f86d0505c67db1fb2287ce92548014d4ba7969eb76b7f716a5d5009e8f

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
Last-Modified: Thu, 13 May 2021 10:40:42 GMT
Server: nginx
ETag: "609d022a-3da5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15781

GET
H/1.1 200
OK extension_1086.js Show response
tag.digitaltarget.ru/extensions/ 732 B
976 B 45ms
45ms Script
application/javascript 185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/extensions/extension_1086.js?i=168855219995636
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: acde19dd39fd4b3b76819f21d622af86dcdf0cb00967a337a01005e8316ccb1f

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
Last-Modified: Thu, 13 May 2021 10:40:42 GMT
Server: nginx
ETag: "609d022a-2dc"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 732

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/7150/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7150/i/i?i=865624827357049.631841819649166&c=tg:adcm_pc
https://dmg.digitaltarget.ru/1/7150/i/i?i=865624827357049.631841819649166&c=tg:adcm_pc&q=scc

0
398 B

48ms
48ms

Image
text/plain

185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/7150/i/i?i=865624827357049.631841819649166&c=tg:adcm_pc&q=scc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/7150/i/i?i=865624827357049.631841819649166&c=tg:adcm_pc&q=scc
Date: Mon, 07 Jun 2021 20:34:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/6533/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/6534/i/i?i=865624827357049.477936270970351&c=tg:adcm_pc
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=865624827357049.477936270970351&c=tg:adcm_pc
https://fnc.rt.ru/1/6532/i/i?i=kwAQp0QX2.9H0.B7K-Oa&c=tg:rds_6534
https://fnc.rt.ru/1/6532/i/i?i=kwAQp0QX2.9H0.B7K-Oa&c=tg:rds_6534&q=scc
https://dmg.digitaltarget.ru/1/6533/i/i?i=9290001618453761833000000003196525&a=774&e=4CSiCZmoi5lo5555Kv31

49 B
603 B

62ms
62ms

Image
image/gif

185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/6533/i/i?i=9290001618453761833000000003196525&a=774&e=4CSiCZmoi5lo5555Kv31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 20:34:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 15
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Location: https://dmg.digitaltarget.ru/1/6533/i/i?i=9290001618453761833000000003196525&a=774&e=4CSiCZmoi5lo5555Kv31
Date: Mon, 07 Jun 2021 20:34:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H2

200

rtrg
vk.com/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=865624827357049.630272076904123&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:duK9oNDqyNz5F_9yieOtequa.x...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=865624827357049.630272076904123&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:d...
https://vk.com/rtrg?p=VK-RTRG-956930-7bGhv

49 B
445 B

49ms
48ms

Image
image/gif

87.240.137.158
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-956930-7bGhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv158-137-240-87.vk.com

Software

kittenx / KPHP/7.4.107424

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: gzip
x-frontend: front632920
server: kittenx
x-powered-by: KPHP/7.4.107424
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

Redirect headers

Date: Mon, 07 Jun 2021 20:34:34 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://vk.com/rtrg?p=VK-RTRG-956930-7bGhv
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 19
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

rtrg
vk.com/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=865624827357049.453282498359407&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:duK9oNDqyNz5F_9yieOtequa.x...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=865624827357049.453282498359407&a=86&e=5EFC831F7C82BE602A0B49840295164E&c=ss:86.up:5EFC831F7C82BE602A0B49840295164E.sync:up.xdua:d...
https://vk.com/rtrg?p=VK-RTRG-956929-3Z9uy

49 B
445 B

49ms
49ms

Image
image/gif

87.240.137.158
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-956929-3Z9uy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv158-137-240-87.vk.com

Software

kittenx / KPHP/7.4.107424

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: gzip
x-frontend: front632920
server: kittenx
x-powered-by: KPHP/7.4.107424
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

Redirect headers

Date: Mon, 07 Jun 2021 20:34:34 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://vk.com/rtrg?p=VK-RTRG-956929-3Z9uy
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 16
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3-29 200 container.html Show response
2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C79 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sci-hub.mksa.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sci-hub.mksa.top/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Jun 2021 20:34:33 GMT
expires: Tue, 07 Jun 2022 20:34:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622805992319560"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Mon, 07 Jun 2021 20:34:34 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

860a49004c147559dff41ccccca9dabe20b3d181238d3b481dd1c4c1dbe56b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7787
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.mksa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 07 Jun 2021 20:34:34 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7E44 624 B
580 B 17ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGMaI76MBMAE&v=APEucNWVRVSPfgVwWw9HE7gszaHSmTpx7kAsJGduu6I86YD69JL9GWNz5iXUFfgFlitrjvzmUBAegXMCcwJrtfzuWvEcCcMY7F1wso9ggruw9Po0HeXlJlcWNP_UBlQk7rkYUyMm_7lCIVhoKQbjn68b9DjfzBAXqHzTDJYI8gfIVHQX95_mOMA

Requested by

Host: 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
URL: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CO-nFxDv2IkCGMaI76MBMAE&v=APEucNWVRVSPfgVwWw9HE7gszaHSmTpx7kAsJGduu6I86YD69JL9GWNz5iXUFfgFlitrjvzmUBAegXMCcwJrtfzuWvEcCcMY7F1wso9ggruw9Po0HeXlJlcWNP_UBlQk7rkYUyMm_7lCIVhoKQbjn68b9DjfzBAXqHzTDJYI8gfIVHQX95_mOMA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 07 Jun 2021 20:34:34 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmMMT4WSCy5abv_O33zroW1Q-4u5MMgutO8hYHeptixant2owqCW40isMV0; expires=Sat, 02-Jul-2022 20:34:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Jun 2021 20:34:34 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6C79 43 KB
21 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsMF51kpqnHblTU5U1KjTcMGwvcgYXClxaSnjQ6oSWGwqkdaChDfdVCh4G7qsI3QI0F95jEUGtuSrc2EKxyJAbRzRgOMBrfregVisjA1YlCxF9EgAo6f5spXMO_mDl8lTH43IhTGk4I00MFMpHcAaq6fW2jA&dbm_d=AKAmf-DYSfgw1IHbzFtGm1HMfOOIzgnEPMZdnjAA_zozWjEidlbgVxZF2QylMeF4Bu6ZI00Eivl7EMvppPVv_BVgGqSRGitUx65kDj39UorEsbGsC9GlyLzW2yoa9PyWLJSBhUDbl80ycd45y7qG5mPRPHxB62mEM1cnh-34u1H01hKOP6ZDEXa_a9XMBUqE2A_Yxu1yDY0bS455IwFpSlRgenDegDHfjZAoc9OhmSqzUlum-oLgpfyCAOsZt_evq35zF65LvP80aD5EXgFrdce8QibyNvjbZ2CM84NuNtyg-hsb37rciJpBHu81G7n4F137FXIL9ghqQ4wEVWO633gLTqYzvWeNYD97R7RgBXoE8PtMBxrpJ9yisjIUJxhjnRY6NfDB4XyBw0GG9z7nZt5QwEXszDBRSfthqjWZ8U0ihZxmYhX7MWpIUodBVbjGZHEdAGuhyr6mWMlVyrMw5qG9BzQtoqEA0Um_qHF539nO6r7CADqIQ2eaWcuMdP-r9LujisMbNZUwxDlp-Gd-yV75CztHqDFiRHh2ylKzHPpARRdZRF7kShuv8wdxxKh7QZspmrkVc2hm8nh19lYrrwNqW3lIuxv5H0N-9TOUawJhV-Q9sOeTU_H6x-bULZkP85vUaBuOtUAtLu5HNnMLXMlOxa87nAQMhOmWgGhUlvttorDQEVzQ83lgWv7u_NNskxfikUeOCYYoS6LkasalYpex-AP_zguuDNAfktZFKBgXLjo-_9JQOT21HiK6GN4vSl9YPjfj5RNfxsTN7oZ0O5BRgYh2O4cn21ZY8GT-j3DoPR2TyNaXQiRSUcx3XuJ-m0xdNVDq2um9twhGX6Ay9887xc7YKHVCgcY-GcWf1tc5cFL7m-qQYUaxUsiRDVhdsH0SlkmEROIc7BpkIdVwJmld9yJItXtpMBylZYTm8MgMK60vToADCrKwpaSG3R0i-wdHSBT6BacX1nLAQ_a-NFyPgrp9wo9iRBmqDpbrCjM_l7YOfDiAnGGq4hcj28S3oBUIPZ6gtk0q41bE_6Nld6cKy-dOZNWF00QmatadjHwqXQE2VZvzhPGW-nKVtcjWJm9racU8vAcHFtxgwN99fh53MRnF1P9QiJKjYarHtwd6Oucc_vnZPBfXTGhh1bcFIdndfqeAPHZGcEW1wUao68fCWxggAgI317P4bo8ObwhkSwL63WTtYH-kYvcXOZQRtiPCvhR9t37dwvLe8GJUE54cqld_H3Bv4IP_hkEbP_pALQrPLqODH_CLhc-dHgldY-_IHfC1EjzH7hkP7hfCwi9q2IKvcVxhMDbxqd-SICqR7qAShnM8AShw3TNOtAGUaVvvgB9eti7RgAi2404a7oaNSrFyDO7Y1DpSCgK1g2h5rePmVLDPp9YW1jxRAZLOTgQozYLVAGRHNi-TMcYG98AXLL4G9auihH4kcfOsTHQf5joZffRFmDxgUPdRv6qLdgAmHtJFjAaGJ3R1Y_xY4ffCfcLV5wl-1f0ufudaONrhJRgIyUBSoKetGyNipi8oKQIdRJX72ovEKp02ZW5icfkhtYKyV9oAMM_qtSHajIPGA1sxW3OMKeo-NHFJuaBwnsW7iWz0QT5fmeBJCdDeb4G_WRTKXkipidcYaVuerwV1CSuyaU8CajebiiF1wb71TkELE1iK20sONF1ONgzflGxAq5M_nGLTRGMKyxm6Vfa5wIArSdVX3Kib2LHm5k8yU41pW_clWb5tVsgMicEOIKMZtKn0gj6ND68KnuKWDKYXT0iA_wkOs27omPK-l5SWOQvhkYwOf5iVZNYMvGQZ2OQYAyIVEvwrzbAGOrETpTWY7KVls_2UJWgUnLbSiFm6HbCf6nFWjLVZvD5Qcgf5AEvT6g1Ar4ArP2NZ5TbpbDaWuW35LL6Tg0QXek73eZnRl7CI8vwV7IaUv2l8Lrm4Ei51xItBhtop9V70l9sfP369eFRk6LuThFY7kOCOQrVdAPMjqERJKU5qyxO-8jNWOA3lbh4-2wG190jt5F0oGqh3odN98jykxRm72tYE_XOfiDNUhzN-AtI2zfcAH3x_OH7ytd_IypY1qlsDL-_CRqwj7UzGpSsap-W_i6IbvVgDTrRz8lMVeCnX2G6zYd4L9t0su_hm8dHYEPxQlEZ4OWCUndYVs2CG-8pBBE52qos3Si3zmtcgORnV9lJOtAj4Gr4jGvhBeTXa_gFJgahef0Xeze5M1P7jXheS7alj4cWBKj8GUzKX21Q1ogGeqPR_bdu4PS0LzAvjoMaEtGSozkxCM941vcu-W1Gk5q-bdNIPj4pAJlYm-ZkHPapi6cJ-gI3tlvEepCqf1L1mW6mvB8VXD2aZtDP3-ES4kX2pIvFDy1AbdlGgKF2gtlyDFmjaDPVqu-kMYbzvpUw-eIwWXTtr0peAoCpmhvatDKuA9ebBByV7tTpYKR_mr9lL2N8-1731N8u70K9NVJZMKnjI_iXeeuvzUTelGJB6n-w7yTUqzjV0OtT_FkFJs7TjkESsC8T_3-TpYIk3_2mvtKPZ1P2lA-jD7UGox3Hs6XATWX7wXfxvZUUzSvvpFYsZCcWqpdjq9eIfAjibWxCN4jDnxMLJ1UwoUgAyqd1_xa1DWltqZQq0QzCTMFHM0Z-cjCztJhat6UmmcT1ctxvKDEVVtIiOtNV3sRT5rYVVwKJb89MCPInjxoG5NaogOvx0-r39wwyIasTXKi4I39Flz4bfWb0L9StOhA11vuMDCEQStY0I8GjYzjdNQd3W-s6saxeqcdw0QD8Tf0ak4IA9Y4edE_pdukVrQMHpdTHrEqQ8aaJJUs8i27J3QdloMoqTGUDd4nYytQ-4MtzvebOHiHy3BJ-Rz7wo2EAOOvb22s8cqFTuFGyElhwK0sKzRYC-BB1ZRkP_Mg6M2lK7dI89pAXsvUnYSaGB4xIckCaTstgIdn8TAwHxqunrPx9YeviwA7W3oFziRZipn2cTyRu_k90fnUYmVgf49r9XrkPWmbglAruxV4jpDdL4XAbW&cid=CAASPeRo83pdjuE_n9ReXMtILxy-SaRxQGxa9hcEXpgF9EMkomU39EfYh6VwWJgI0OedjxwpLRUpnx0v63Euutg&rfl=1%2Chttps%253A%252F%252Fsci-hub.mksa.top%252F%240

Requested by

Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f789741d8177c07d15d574adda1663b561da5a09101284b6ee8a4d9c9d90a60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C79 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ds5ENHYB9G6nkI71q2LvkypPJuv3KddhdfSYjRAq4OkM_ss6zvdfkUa-Cthf9qCPGN3zZhGlNI2rOmOZ2HK7podcZpPUm1f2sTFd-2TDC_e0LWrIE

Requested by

Host: 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
URL: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Jun 2021 20:34:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 6C79 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
URL: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:33:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 20:33:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C79 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
URL: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:34 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Mon, 07 Jun 2021 20:34:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 6C79 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
URL: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 20:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1091097466425408374
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 20:34:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6C79 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlq14yEO_-dpdVZOQHUUVkQ8_gcfc7zn4J9ndFkEVZDWz-__afp2Bh99VnzefEK1aeuC3b
Requested by: Host: 2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com
URL: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2390dcb10c0610149f8c0db0a5f2e726.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 71B1 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate

sci-hub.mksa.top Open in urlscan Pro 2606:4700:3033::6815:35c2 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

97 %HTTPS

48 %IPv6

32 Domains

46 Subdomains

45 IPs

8 Countries

1403 kBTransfer

2575 kBSize

3 Cookies

4 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sci-hub.mksa.top
2606:4700:3033::6815:35c2 Malicious Activity!

Screenshot
Live screenshot

Full Image

126
Requests

97 %
HTTPS

48 %
IPv6

32
Domains

46
Subdomains

45
IPs

8
Countries

1403 kB
Transfer

2575 kB
Size

3
Cookies

126 HTTP transactions
2 data transactions