sci-hub.hkvisa.net
2606:4700:3033::ac43:aa45 Malicious Activity!

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.nih.gov.scihubtw.tw/
Effective URL:
https://sci-hub.hkvisa.net/
Submission: On March 02 via api (March 2nd 2023, 9:17:05 am UTC) from US — Scanned from US

Summary HTTP 173 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 40 domains to perform 173 HTTP transactions. The main IP is 2606:4700:3033::ac43:aa45, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.hkvisa.net. The Cisco Umbrella rank of the primary domain is 417514.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 8th 2023. Valid for: a year.

This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.235.94.171 168.235.94.171	3842 (RAMNODE) (RAMNODE)
1	2606:4700:303... 2606:4700:3033::ac43:aa45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4004:c08::68	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
23	34.102.128.115 34.102.128.115	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
2 2	4.78.226.224 4.78.226.224	3356 (LEVEL3) (LEVEL3)
1 29	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
4 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:23c... 2600:9000:23ca:7800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
4 4	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.235.208.25 3.235.208.25	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.184.34.130 54.184.34.130	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	52.55.14.74 52.55.14.74	14618 (AMAZON-AES) (AMAZON-AES)
1	35.172.37.30 35.172.37.30	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2 2	2606:ae80:145... 2606:ae80:1451:14::1050	25751 (VALUECLICK) (VALUECLICK)
1 1	104.45.178.220 104.45.178.220	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:b47c:f275:7921:ffb0	14618 (AMAZON-AES) (AMAZON-AES)
3 3	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.87.130.203 52.87.130.203	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.168.146.43 35.168.146.43	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.205.56.163 23.205.56.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
173	17

1 168.235.94.171 (Los Angeles, United States) 1 redirects

ASN3842 (RAMNODE, US)
PTR: 168-235-94-171.cloud.ramnode.com

m.nih.gov.scihubtw.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:aa45 (United States)

ASN13335 (CLOUDFLARENET, US)

sci-hub.hkvisa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::68 (Ashburn, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.102.128.115 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.128.102.34.bc.googleusercontent.com

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.78.226.224 (Paradise, United States) 2 redirects

ASN3356 (LEVEL3, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.253.115.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:7800:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.81 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.235.208.25 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-208-25.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.184.34.130 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-34-130.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.14.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-74.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.37.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-37-30.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:14::1050 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (Lilburn, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:b47c:f275:7921:ffb0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:932 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.87.130.203 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-130-203.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.166 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.146.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-146-43.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.56.163 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-163.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	177 KB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	389 KB
21	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 27492	399 B
21	sci-hub.shop img.sci-hub.shop — Cisco Umbrella Rank: 351743	584 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	7 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	128 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	291 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	2 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 296	2 KB
3	clickcertain.com 3 redirects a.clickcertain.com — Cisco Umbrella Rank: 3130	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9857	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1218	615 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 377	2 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 566	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	887 B
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6288	966 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 726	2 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 5325	837 B
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 4470	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6276	895 B
2	mxptint.net 2 redirects aep.mxptint.net — Cisco Umbrella Rank: 5251	1 KB
2	rtbrain.app g.rtbrain.app — Cisco Umbrella Rank: 16169	127 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1295	643 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	459 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	712 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 3108	462 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1168	451 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 4045	488 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1046	287 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4264	615 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361	644 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 678	679 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	328 B
1	hkvisa.net sci-hub.hkvisa.net — Cisco Umbrella Rank: 417514	7 KB
1	scihubtw.tw 1 redirects m.nih.gov.scihubtw.tw	195 B
0	kitbit.net Failed kitbit.net Failed
0	pluso.ru Failed share.pluso.ru Failed
173	40

	Domain	Requested by
29	cm.g.doubleclick.net	1 redirects sci-hub.hkvisa.net googleads.g.doubleclick.net
21	g.bidbrain.app	googleads.g.doubleclick.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	img.sci-hub.shop	sci-hub.hkvisa.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sci-hub.hkvisa.net
16	pagead2.googlesyndication.com	sci-hub.hkvisa.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	fonts.googleapis.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagservices.com	googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	match.adsrvr.org	4 redirects
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	a.clickcertain.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects
2	sync.teads.tv	1 redirects
2	secure.adnxs.com	2 redirects
2	i.liadm.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	x.bidswitch.net	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	pm.w55c.net	2 redirects
2	cc.adingo.jp	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	aep.mxptint.net	2 redirects
2	g.rtbrain.app	googleads.g.doubleclick.net sci-hub.hkvisa.net
2	adservice.google.com	pagead2.googlesyndication.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	trace.mediago.io	1 redirects
1	dsp.adkernel.com	1 redirects
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	fksnk.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hub.hkvisa.net
1	m.nih.gov.scihubtw.tw	1 redirects
0	kitbit.net Failed	img.sci-hub.shop
0	share.pluso.ru Failed	img.sci-hub.shop
173	45

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
hkvisa.net Cloudflare Inc ECC CA-3	`2023-02-08` - `2024-02-08`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
g.bidbrain.app GTS CA 1D4	`2023-01-31` - `2023-05-01`	3 months	crt.sh
g.rtbrain.app GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh

This page contains 20 frames:

Primary Page: https://sci-hub.hkvisa.net/
Frame ID: 761F39F281A376B838DB4EA43A112676
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: F4F89F177AE937E64AF9EEC08FE4A98D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186
Frame ID: D5DF303C2A3092147356C8D0CB147262
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1677748654&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654591&bpp=4&bdt=293&idt=186&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P23oAXUhxO&p=https%3A//sci-hub.hkvisa.net&dtd=192
Frame ID: 304C6B2ACD995652EB1900464CCF7377
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1677748654&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654619&bpp=2&bdt=322&idt=169&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185
Frame ID: 3A5E11DF42EEACF0ECCE12EF5575AC58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FEF9460B95C392AE408EC54107BC7E7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: ADD0540E37ED3CEF32BB100BBEAECC3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Frame ID: 11CCE0A85427FEDBA9674E24921205FC
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Frame ID: D766BE2F9692E06B4DBE05482C9FE2B3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19
Frame ID: 447ABE41CC3C8805F39183A303C9C830
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Frame ID: 30605CD33306E952E21A253E3B4F5EA4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8995E56B89F13435E9AF7215DA9B983A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EBE9B3A938DC2E654AC613C2A86B7DFB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: C09312AE4EC39D1B2063D683C23C0B92
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11836E2382594C3B791999FE6138A433
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B9EE16970A15C30ECEC340420BEF37D8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23831EFE48E77D35B301002C671C82FF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21FDF248142C21841F49F27137FB20BD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E31C0F78FF49EDFF4170813EA5BC7C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1A86A2983CDA252C3623B77D24BA844
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://m.nih.gov.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

173
Requests

80 %
HTTPS

42 %
IPv6

40
Domains

45
Subdomains

17
IPs

3
Countries

1587 kB
Transfer

3659 kB
Size

48
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.nih.gov.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://aep.mxptint.net/sn.ashx?google_gid=CAESEPIvE6ZCQ6y9yd0KEL5d9Mk&google_cver=1&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A&google_hm=UjFCMzMyX0ZFRTQ2NjNEXzExMURFRTU%3D

Request Chain 112

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx_f7SMhlWw629joKD6hC5xjWUvtKU6tXC6BR-OEQbg_4qbTCZSsMko94axCI6f_4vQJ9wpD9687lM1kAxjS81XpSTLxaxbQpw HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx_f7SMhlWw629joKD6hC5xjWUvtKU6tXC6BR-OEQbg_4qbTCZSsMko94axCI6f_4vQJ9wpD9687lM1kAxjS81XpSTLxaxbQpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

Request Chain 113

https://d.agkn.com/pixel/2175/?google_gid=CAESEKqBE6pgwaoXd6LYnFclshg&google_cver=1&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw&google_hm=Q0FFU0VLcUJFNnBnd2FvWGQ2TFluRmNsc2hn

Request Chain 114

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEGZjTg-FI1WY-KsbU0Pwl8&google_cver=1&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYTVMfNvPh-5ruwOw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vLQrl2ARe-AWV4o6xM2iw2&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYTVMfNvPh-5ruwOw

Request Chain 115

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEKAJDFjpRETnmM-h8NnCS0k&google_cver=1&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEKAJDFjpRETnmM-h8NnCS0k&google_cver=1&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc&prevuid=05010002_640069b5923f5&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc&google_hm=MDUwMTAwMDJfNjQwMDY5YjU5MjNmNQ%3D%3D

Request Chain 116

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ

Request Chain 117

https://cc.adingo.jp/adx/push/?google_gid=CAESEEfmnjEO0-xBnmJIjakJ3tM&google_cver=1&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw&google_hm=a83cddb24791fc8c7b1ad1b37b37ace0

Request Chain 121

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U2wzTVVSSjQxUHhGNGM1&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE

Request Chain 122

https://a.tribalfusion.com/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 123

https://aep.mxptint.net/sn.ashx?google_gid=CAESEPIvE6ZCQ6y9yd0KEL5d9Mk&google_cver=1&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI0gtW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI0gtW&google_hm=UjFCMzMxX0ZFRTQ2NjNDXzExMzM1QjU%3D

Request Chain 124

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELVfXDkskqp2qhM7jjo29f4&google_cver=1&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqBtfeIdvt6chPcb8odrWDxt02ZcO9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqBtfeIdvt6chPcb8odrWDxt02ZcO9

Request Chain 125

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEGZjTg-FI1WY-KsbU0Pwl8&google_cver=1&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1xypRorh260Fpl_yS HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8ewGY9hbQvWNSm3cbehgRQ2&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1xypRorh260Fpl_yS

Request Chain 126

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha

Request Chain 127

https://cc.adingo.jp/adx/push/?google_gid=CAESEEfmnjEO0-xBnmJIjakJ3tM&google_cver=1&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1&google_hm=818cff40a82bde0c95bcac1e30ccc49b

Request Chain 138

https://a.tribalfusion.com/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 139

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx8PYR4rtmjDTVQ2AdV9cZ627oWImVvJhvumo2JYpY3lWBj4QejtpkBiaDMiDwzKp1aILJucA8jDgMbHC2y7y3apaq1Jrdgg7PU HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx8PYR4rtmjDTVQ2AdV9cZ627oWImVvJhvumo2JYpY3lWBj4QejtpkBiaDMiDwzKp1aILJucA8jDgMbHC2y7y3apaq1Jrdgg7PU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

Request Chain 140

https://fksnk.com/cs/google?google_gid=CAESEICGsjsk0SpVTeiJVsy-6kY&google_cver=1&google_push=Aa02lx_hT6lCdG1g-7bBgB7NVMqrQwvjDANuW-j_oZOZfFT10e8cs3BMShhbu5kVqtMCU1ScCb85-9gdPXBMH-IcbM8ibCguyvAePQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDEwQzk4NzkwMEFDMTQ1NQ==

Request Chain 142

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH-No8Xbf2tUsTJvngd3TnU&google_cver=1&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH-No8Xbf2tUsTJvngd3TnU&google_cver=1&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ&google_hm=Txe1W2fhRBGOt_9OvXvGrA==

Request Chain 143

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMWitjN8hPmYkR6VcuGxK04&google_cver=1&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMWitjN8hPmYkR6VcuGxK04%26google_cver%3D1%26google_push%3DAa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A1210261728506740645&exchange=193&google_gid=CAESEMWitjN8hPmYkR6VcuGxK04&google_cver=1&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyMTAyNjE3Mjg1MDY3NDA2NDU&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU

Request Chain 144

https://trace.mediago.io/cs/google?google_gid=CAESEI3VshtfiYZaQSXuJD_QT20&google_cver=1&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZWy-MUtG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZWy-MUtG&google_hm=5fa1259d42c343d3415ec014c51078f4

Request Chain 147

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_cver=1&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6f60f7c74a531870&is_secure=true&networkId=14000&version=1&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_cver=1&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAInNa40sh6qAM_PH4EAAAAAAA&expiration=1677835056&google_cver=1&is_secure=true&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg

Request Chain 148

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=1&google_push=Aa02lx99_XDEl2kBAmpg64zwZnPkcyRYjtymgIIIaQ9UOIedFMXDJV1thg96ynD4XHIu0FpO_fwGxzdcJ3IAvlYnv1d0Xs8VoaCYZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OWE1OTlmMzEtMDczMS00ZWY2LWE1ZjUtODBkNDk1ZTU4MTU4&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=1&google_push=Aa02lx99_XDEl2kBAmpg64zwZnPkcyRYjtymgIIIaQ9UOIedFMXDJV1thg96ynD4XHIu0FpO_fwGxzdcJ3IAvlYnv1d0Xs8VoaCYZA

Request Chain 149

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZLjo8d3su0MNiVkSwvQ5A&google_cver=1&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTeUJ-MChQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTeUJ-MChQ&google_hm=eS1La1pYbkt0RTJwSFhoRTFnU1Nyd1FhTDJWMDQwNHFtVn5B

Request Chain 150

https://a.clickcertain.com/px/img/g/?google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=9b248308-7394-44b6-b0a6-f3774318ad7a&ccid=9b248308-7394-44b6-b0a6-f3774318ad7a&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEP_cGcx0gezIvS5yQoRPMMM%2526google_cver%253d1%2526google_push%253dAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF%252dtF%252d2c6UV70M5Uu1cFc%252dC8i2cl6rcxKr9iS5AzWCSZ11qWfkg%2526anx_uId%253d%2524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEP_cGcx0gezIvS5yQoRPMMM%2526google_cver%253d1%2526google_push%253dAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF%252dtF%252d2c6UV70M5Uu1cFc%252dC8i2cl6rcxKr9iS5AzWCSZ11qWfkg%2526anx_uId%253d%2524UID&bidder_id=200441&bidder_uuid=9b248308-7394-44b6-b0a6-f3774318ad7a&_li_chk=true&ccid=9b248308-7394-44b6-b0a6-f3774318ad7a&previous_uuid=1f2d94baf9e44d7e9c79531bf2bd3a65 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEP_cGcx0gezIvS5yQoRPMMM%26google_cver%3d1%26google_push%3dAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF%2dtF%2d2c6UV70M5Uu1cFc%2dC8i2cl6rcxKr9iS5AzWCSZ11qWfkg%26anx_uId%3d%24UID&ccid=9b248308-7394-44b6-b0a6-f3774318ad7a HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fg%2F%3Fdone%3Dtrue%26google_gid%3DCAESEP_cGcx0gezIvS5yQoRPMMM%26google_cver%3D1%26google_push%3DAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&anx_uId=2582813490691789145 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&google_hm=OWIyNDgzMDgtNzM5NC00NGI2LWIwYTYtZjM3NzQzMThhZDdh

Request Chain 151

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcN_EgkeKFsuGWR2j7V3Rs&google_cver=1&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7S6dprDYUx-zh4B0usMZlDqbOlag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRVzhDSTQtRy1EM0NY&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7S6dprDYUx-zh4B0usMZlDqbOlag

Request Chain 152

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESECHYnJxhUYozj40pkwxXCGA&google_cver=1&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3J3TlcxkYz4hRcKzE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=SahgriqEAUap7ADb8-u15g&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3J3TlcxkYz4hRcKzE

Request Chain 153

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOSV4uGxBXq9bLorspl_QIg&google_cver=1&google_push=Aa02lx888iD6Libi97QkGv7XIsPjzLKpoqAev_Ih2IMGZvmyj5_r4kRYl0BGI_2o2yFBEyw4ct0N_LOADKvUIfnZAPT023dHH7c3ZJ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzgwNTkyNDUtNjhmNS00NmExLWIwOTUtZmRjNjUzMDY5NmU0&google_push=Aa02lx888iD6Libi97QkGv7XIsPjzLKpoqAev_Ih2IMGZvmyj5_r4kRYl0BGI_2o2yFBEyw4ct0N_LOADKvUIfnZAPT023dHH7c3ZJ4 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 158

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

173 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sci-hub.hkvisa.net/
Redirect Chain

http://m.nih.gov.scihubtw.tw/
https://sci-hub.hkvisa.net/

27 KB
7 KB

744ms
525ms

Document
text/html

2606:4700:3033::ac43:aa45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42010ba524f3ea737e3d41bb92a10c105625b4fb795dd519e0f67bfbc1903bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=43200 no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a188c1e0c8b1885-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:17:34 GMT
expires: Thu, 02 Mar 2023 21:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIj%2B6jOqIdZuSJ4mupKWUSPJ2YUzr%2BsDeGZaBAly4M4LV5CVx9M9ONHajrfCuDDFiWY22IrlbBhI1jBEDmPTNKOoE%2B48U7jlkem77S2qX%2B8u3QV%2BF8drVGO%2F6jKZx%2FJ1%2FdJpaIOW8H5wOHMU%2Fpjb3tY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-cache: MISS MISS

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 02 Mar 2023 09:17:33 GMT
Location: https://sci-hub.hkvisa.net/
Server: nginx

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 70ms
12ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612648
etag: W/"5c00bb7c-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki5bXdZMb8Fqj%2FqaJwQRem8xehy%2Fm413RinDvqfJtNqYMo%2Bfb1yhj77A%2Fe4jLD7KT%2F4daoS9s8ceR428qqGC5baR8%2FpZb%2Br87S%2FoX8jBeTLm6qOlsRCJmhyH4a4cphY3M8%2BK9a5LtZp1oLOCQ6RK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c21bb838c0c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:06:46 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 75ms
18ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612648
etag: W/"5c13665c-3dee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmUCsHi00vqTYsmp%2Bxf3hqXHwy1y6JY1jdiDW2feMu2SX2Jd%2FTnPRQTkdiopIV%2BXvpXfqBcEL%2FgKGeBHzrMY5ZttWUyln%2FL6RP5Rc9Syn7fzvwmV02xXLXBYCqqQzpIqORYZzGDTdtmTnn7x4YGQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c21bb858c0c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:06:46 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
23 KB 71ms
14ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612648
etag: W/"5c00bb8c-1798d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piieS8DNATn%2B07Dv8ksUMr6vYqoT1cGpPNI7R74CmYmkmXI9x5Lxl0ZGDxA%2BrvXw7oYRIWFb7s5Gi5iDHO7GpXuclUuh7C5NNb7e1p3U8WauYOScBAKXe%2Bf1PXTUuqpctMTAhkqd1SQ64TsHRPxS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c21bb868c0c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:06:46 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 10ms
10ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUIyqlFhU1%2FDpFSVpTNDoqNBmx2xuZnOKx7VycEwNHRtiiNJmOlIZjd9jlgZkPvRDeRbmN7%2B7VKLRH2qvz7dnKj2YD8TZDGlXgIsjdtZ3z6G2dWDpft1qi9DVzeGOPgf2QA6ovZ5dKJkuChgH6xD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c21fbbc8c0c-EWR
expires: Sat, 25 Mar 2023 07:06:46 GMT

GET
H3 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 18ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRn%2B4NNRRj1YiWLdeNeoKRg63wt%2Fu6GaGGOs9%2FCjUuK0FjLBgklLZXYlJ3pycwx8uyrXhyC8QDuwvRysia%2B%2F8qdw9KMkWVcxdOS%2B92XN7Ht7z6lU3AbGyPOkerxIocTkDrxEpEQHkYD8t%2FoRGBma"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c220a1cc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 58ms
26ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aca17d412ade9f9a72a3d2d27f097a98af97daf83eb211af87c60b444178690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47985
x-xss-protection: 0
server: cafe
etag: 513968448114827620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:17:34 GMT

GET
H3 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 12ms
12ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T83xhUcFP8NTPtr5d%2BXbBOGpXocxAU1lIpJpBKwDF%2Fw6S%2Fboo364mBeX8xG8TQJn3hsbDBCYExE7CBTm0ynaEpsp%2F56bT4%2BKGTI2NLe3Z8suE3HXJBNcGd0LQL9OB3F51qOwECehn99A0r5zOSR8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c224a56c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 17ms
12ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4isrksypSma7csUIWkz7pPQ%2FbZObNWcmF8ZNEPR1xb5%2B1itZBzejDQZ9znqWZxC7xo59NRDz5URR3FNsr%2FtNYYiwz5H2aczXfdoS%2BDCD35HV%2Fhq%2B7F5FPhosYsWhsDhK5GHRKUUBYFnXlDgumn8f"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c225a69c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 19ms
12ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLvo8xVTjdkUCwnTfEWua8lJwDpCCISpQOxNaieb8jhrC2wys7webqLuTrmfjFmNJuqdkuRUPLeyxFJh8teij%2B9BMFSlVrhTVK1XwnXxF7NAI8q3Gml%2B51XTiCq7m7pVOGe5kIYE%2BKPH6isNjsAZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a6bc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 21ms
13ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juuA9dsm7uPxxqOztF82iJlH2Ol8%2BwLU5kci6lEi6CnAo%2FIYg620vxw3IbRjgjA%2F3a%2B56eM9ASlM5GF%2B%2BIv1ggtj9sm%2BERzdExvtb0qk2sBYFXa3ouSJZmEhIqOLxdqsfd30XK9CdeFjOAralvw2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a6dc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 27ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaH3tPFD6JOCgtmpfzEf9cW6DevG4ok0%2BWwdnCcEz%2F%2BR%2Fq9QtBw3kqaNAlKWvcIiKDT1wuYsiNYQk2OuQhTZnk%2BYI8xmsPenfOCjspI7pCugeNFnxYLt%2Fj1KYFsEW8jAUbR%2FjIR0Cuh7YMLj8JSE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a7cc32f-EWR
expires: Sat, 25 Mar 2023 08:46:14 GMT

GET
H3 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 31ms
20ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzSI2%2B04AaDTvpP33KjOE0e4Ypedv6TPTuE1132Ku01RZG8UzJvJa9lwPi3sVTbBGRRQ1C54HZflAjSjzvd8yxsK2OnVR3Ji07TjEo3CoLiafSOaJTwNUSu2UwnE0QBcjGSVIeBiCtE6xqJ1knIh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a7dc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 28ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsWDvDjdgoMx7wVv5CqQYV29dDGZtMNd1w3uu0kkIpi%2F7HAfNW9KSOeK45IePLpeBe2HftiVqlplhzziH6phphiKCG%2Fn4u0exbt%2BpyxDRULrqr4WNfolV%2BaN5LLBI%2FPzLuzKyAEmHMia%2FziIVnqG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a7ec32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 29ms
18ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQwKmRfbXeBqrpf3Qk0BIPmDTxPtjmUn2tCizNqXtCDDbNKugSa2CAkgLKCxjsGAOmTp2omPZ4MxpxvaWSKoJB6Ohn%2BvGYXzvdGdlKqjCR9fbTCqDr5XREazgEgomEpDspkzxmN9BHvDzV5PI6p1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a80c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 29ms
19ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FIHkcVRv8S%2F7iv8Wi5ssSHBSFHa806JSM0E%2BzTLkX9qwPJqukVN%2FQ1%2BLzMBKKz133sctlNvqjGxi0u1DdEiB6Lwl180jp8lSp33SwLZeY5jf5EfbNn7joQrFuNu5ApvAdy0WyVSQGknFsGiWWvJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a81c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 28ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHAzBvgDegQPiA%2FRVOYVhGYiOEgDDhQX3UwZyF8XQNeaOCSBlv%2F9fG4prUJ%2FIHl9vH9EPN%2F%2FpFjodp%2BOP5XZq3RYdtzTgrFSbITD%2Bnld5EkuHxrdX8Usz9y7rBVHD0Lu7cltscmOhfCvq4EsMiAZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a83c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 34ms
24ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 609206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLXbxOe%2BJ97Y%2FI2owRZxmULgcaynSuLA4wxTqSmsVdo0e2SBQ8%2BOaDD702s6pIqftGx9euWCRnccCQJHtczAO%2F2Bmp%2FaE2ZokhAs0i%2BiYF8%2FQSgXzgyXQddyqT9YgpYBh3CEtNIk%2FFScZbi2e%2Bri"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a85c32f-EWR
expires: Sat, 25 Mar 2023 08:04:08 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 36ms
25ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGXQSsen5GIVFdF9H2Sonyt7h8IymtSD2ROTUfamx3jBSIinr12qvqp0wDXjd7QyPcjIt%2BFWZt3jrLuZXg46Hz3u6iDSOFcYM1%2B4fLjRs527ShbDvaLFdJTmmaAq1W3lfNlwutKAVpZEZNFiXl8I"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a86c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 33ms
22ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOJ6SZdFAEvneoXoEo3WH246XAXSxaGik%2FR%2Bs8bfvweQ3GHX9jVEFLji%2BKnMqKoJfZDVBzgyx6M2DHoM80%2BK8pic%2Bgth38h%2BYyMoTxZ%2B0Pk%2FH7Qe6gWlNTFr%2F6nOM6pYuBbqrf4bTm7lADZx8xCo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a88c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 37ms
26ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wD7%2Fus3v0NShMPsMASG0RdG1mJ117olPv7QeIf9y%2FnixtaILaUe6Ngz%2F7H%2Fj73atTvcOF7c2gvbS4g8DeNqrQMeFAShwV2K8QAIMvIOKfB5da%2BIZmwU9MC6WOmIB7AXi%2B43%2B5dswHWJEiO6RlHS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a89c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 38ms
26ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLJN4WBwXNIFlkpy8dLZ1f4zFxInABJvJsWVqbhEDnfNMiJMkFF5P%2F9si%2Fi4HKZIRuII%2F5OZ27TuLViodzk3%2FKvLPpbjBVqshBtIhFvjNly7EQtGnn%2Fj5sNXJKZecAX8dJKFSx1VB9rI%2B7GI26Ux"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a8ac32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 13ms
12ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612108
etag: W/"5c00bef8-a5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bXVxRrJfuxvVvgOfLJqqKKhxuP9Mg4DtbFMHjczfBooncJ3xST5e9rr0d4%2FdMXhnyp%2F%2BOgIg%2Btm2TTTQjkYjPmqwbwToOV79Ae5uTUAKT75WHT0fYDBikojSikNUd5ll0LNjkXxmYhcM7o5mGF6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c22cac6c32f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:15:46 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 49ms
47ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d2a985f6246d4d158a58fe3fc22f8c0e237b4c2bb13edd22bcaf645c515c52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121450
x-xss-protection: 0
server: cafe
etag: 13748770885081091010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:17:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame F4F8 10 KB
5 KB 25ms
10ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 51013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 19:07:21 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 19:07:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
328 B 19ms
18ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8131a513a9dc091336c2f1a626bf83f14e67d380ff422202aec3ed8350e966bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 53ms
31ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5DF 89 KB
32 KB 327ms
327ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67775c51680c9a79083e38f7785bc8cef5099b4241b702204385bf01bb0b249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 304C 436 B
234 B 247ms
246ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1677748654&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654591&bpp=4&bdt=293&idt=186&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P23oAXUhxO&p=https%3A//sci-hub.hkvisa.net&dtd=192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88d09b92bd97c459d5caa94206e524df883c058507a57efe65cce88f0ecf8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A5E 140 KB
41 KB 494ms
494ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1677748654&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654619&bpp=2&bdt=322&idt=169&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0af524f2a665c75da94eb362f6d487be2583a3f527d9ff828360040dfc338ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 17368753492450477996
tpc.googlesyndication.com/simgad/ Frame D5DF 14 KB
14 KB 142ms
113ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17368753492450477996?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmWH35phWwEjxjUPXuQ89209gvRfw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b73a9de1f94520a870f9e2f51c8008c1fb28e8cac0a341a52f6e538de9d8e14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14434
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 16:20:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 09:17:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame D5DF 22 KB
9 KB 38ms
10ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame D5DF 225 B
355 B 35ms
16ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:27:33 GMT
x-content-type-options: nosniff
server: cafe
age: 28202
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 03 Mar 2023 01:27:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D5DF 3 KB
1 KB 32ms
13ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D5DF 20 KB
8 KB 33ms
11ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5DF 158 KB
49 KB 48ms
19ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D5DF 33 KB
14 KB 35ms
17ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13717
x-xss-protection: 0
server: cafe
etag: 17409078185802295553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D5DF 0
0 36ms
31ms Fetch
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUpEdrmkAZOjnMNSRsALat6z4AuTD4_dtktatzrgQ2te0uKcmEAEg86rhe2DJxqmLwKTYD6AB-vCd0APIAQKoAwHIA8kEqgTNAU_QYtyvfzsxPON5y_fc5FlwVLOeJQLFVOSTNv8ufbOSU4muysK-en3ZwodePLH5uy6tKDQztoNpAimf2jAF4EzwQ7bCYTHBYPCOZyDNWTrOU2HI-PsZ81tsxUMMstWF_weWvqMMvH8VVa9__Rw1lff5ORo0NIQYgRowdtRewO-M_iETIG0b26nPQx_3Q3p-5vsOdSV_vDcN8G4NzRcqz88WguMx_LL9ncDEZdjIt-s2FAdJ3yYcBKOsVUK5Choh2EZ52TQevWdkbED7vkrABPuk8NuMBJIFBAgEGAGSBQQIBRgEoAYCgAfujuIvqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQq4wF0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=qZ1KUJ1I0MU&uach_m=[UACH]&cid=CAQSGwDUE5ymvHC7-JCEHngk_01QKRPlAnRE-bPj7xgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEF9 143 B
166 B 11ms
11ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:04:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D5DF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c358d20ff4b968e538fb50ea5ea7e9833d8c3843b0aa95926a623a8fec2e72a5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEF9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
18ms

Document
text/html

2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame ADD0 36 KB
14 KB 11ms
10ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:32:06 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 27ms
27ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js?bust=31072569

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d18579ef0b6d5a05ee88a9a11ed2b33c9091757e45c0c8db34f3c337efaca37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52039
x-xss-protection: 0
server: cafe
etag: 1026667329078479959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
19ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 11CC 76 KB
23 KB 213ms
212ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7f7043273a3d76ce583d8e654a3c64d8ff006515e7273cb8d44b605e29d67b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 23998
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D766 76 KB
23 KB 179ms
179ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e75db49898e745334db21dfb96d74176a8e9b9bdc9acdd23dca4548e96fc7be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 23843
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 447A 60 KB
19 KB 222ms
221ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea891fc663d2f579465eb049cd12b9582079f0358c98c5ccd4980ab3283e860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 19111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3060 76 KB
23 KB 225ms
225ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f41d261d10c0b3ea94ca91dd42bb247fa018be1f3997a8f2cda069668c75c51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 23882
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 8995 10 KB
4 KB 10ms
9ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 51628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:57:07 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 18:57:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 8995 10 KB
4 KB 48ms
17ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 19:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 28 May 2023 19:55:57 GMT

GET
H2 200 99dc865e115b275ae9421eebd8589b76.js Show response
www.gstatic.com/mysidia/ Frame 8995 10 KB
5 KB 45ms
14ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/99dc865e115b275ae9421eebd8589b76.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b7ed369c9ae686938e7c88b6252eafd6650c76c61e0f749c95d4c8687b35cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 12:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4662
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 28 May 2023 12:30:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8995 8 KB
1 KB 54ms
20ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:19:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 8995 2 KB
846 B 13ms
12ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 8995 22 KB
9 KB 10ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 8995 3 KB
1 KB 9ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 8995 20 KB
8 KB 14ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8995 158 KB
48 KB 38ms
34ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 8995 34 KB
14 KB 36ms
19ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

sci-hub.hkvisa.net Open in urlscan Pro 2606:4700:3033::ac43:aa45 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

80 %HTTPS

42 %IPv6

40 Domains

45 Subdomains

17 IPs

3 Countries

1587 kBTransfer

3659 kBSize

48 Cookies

4 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sci-hub.hkvisa.net
2606:4700:3033::ac43:aa45 Malicious Activity!

Screenshot
Live screenshot

Full Image

173
Requests

80 %
HTTPS

42 %
IPv6

40
Domains

45
Subdomains

17
IPs

3
Countries

1587 kB
Transfer

3659 kB
Size

48
Cookies

173 HTTP transactions
6 data transactions