sci-hub.hkvisa.net Open in urlscan Pro
2606:4700:3033::ac43:aa45 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.nih.gov.scihubtw.tw/
Effective URL:
https://sci-hub.hkvisa.net/
Submission: On March 02 via api (March 2nd 2023, 9:18:08 am UTC) from US — Scanned from US

Summary HTTP 173 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 40 domains to perform 173 HTTP transactions. The main IP is 2606:4700:3033::ac43:aa45, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.hkvisa.net. The Cisco Umbrella rank of the primary domain is 417514.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 8th 2023. Valid for: a year.

This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.235.94.171 168.235.94.171	3842 (RAMNODE) (RAMNODE)
1	2606:4700:303... 2606:4700:3033::ac43:aa45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4004:c08::68	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
23	34.102.128.115 34.102.128.115	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
2 2	4.78.226.224 4.78.226.224	3356 (LEVEL3) (LEVEL3)
1 29	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
4 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:23c... 2600:9000:23ca:7800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
4 4	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.235.208.25 3.235.208.25	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.184.34.130 54.184.34.130	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	52.55.14.74 52.55.14.74	14618 (AMAZON-AES) (AMAZON-AES)
1	35.172.37.30 35.172.37.30	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2 2	2606:ae80:145... 2606:ae80:1451:14::1050	25751 (VALUECLICK) (VALUECLICK)
1 1	104.45.178.220 104.45.178.220	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:b47c:f275:7921:ffb0	14618 (AMAZON-AES) (AMAZON-AES)
3 3	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.87.130.203 52.87.130.203	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.168.146.43 35.168.146.43	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.205.56.163 23.205.56.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
173	17

1 168.235.94.171 (Los Angeles, United States) 1 redirects

ASN3842 (RAMNODE, US)
PTR: 168-235-94-171.cloud.ramnode.com

m.nih.gov.scihubtw.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:aa45 (United States)

ASN13335 (CLOUDFLARENET, US)

sci-hub.hkvisa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::68 (Ashburn, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 34.102.128.115 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.128.102.34.bc.googleusercontent.com

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.78.226.224 (Paradise, United States) 2 redirects

ASN3356 (LEVEL3, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.253.115.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:7800:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.81 (United States) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.235.208.25 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-208-25.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.184.34.130 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-34-130.us-west-2.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.14.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-14-74.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.37.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-37-30.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:14::1050 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (Lilburn, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:b47c:f275:7921:ffb0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:932 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.87.130.203 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-130-203.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.166 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.146.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-146-43.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.56.163 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-163.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	177 KB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	389 KB
21	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 27492	399 B
21	sci-hub.shop img.sci-hub.shop — Cisco Umbrella Rank: 351743	584 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	7 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	128 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	291 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	2 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 296	2 KB
3	clickcertain.com 3 redirects a.clickcertain.com — Cisco Umbrella Rank: 3130	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9857	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1218	615 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 377	2 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 566	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	887 B
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6288	966 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 726	2 KB
2	adingo.jp 2 redirects cc.adingo.jp — Cisco Umbrella Rank: 5325	837 B
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 4470	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6276	895 B
2	mxptint.net 2 redirects aep.mxptint.net — Cisco Umbrella Rank: 5251	1 KB
2	rtbrain.app g.rtbrain.app — Cisco Umbrella Rank: 16169	127 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1295	643 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	459 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	712 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 3108	462 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1168	451 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 4045	488 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1046	287 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4264	615 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361	644 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 678	679 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	328 B
1	hkvisa.net sci-hub.hkvisa.net — Cisco Umbrella Rank: 417514	7 KB
1	scihubtw.tw 1 redirects m.nih.gov.scihubtw.tw	195 B
0	kitbit.net Failed kitbit.net Failed
0	pluso.ru Failed share.pluso.ru Failed
173	40

	Domain	Requested by
29	cm.g.doubleclick.net	1 redirects sci-hub.hkvisa.net googleads.g.doubleclick.net
21	g.bidbrain.app	googleads.g.doubleclick.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	img.sci-hub.shop	sci-hub.hkvisa.net
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sci-hub.hkvisa.net
16	pagead2.googlesyndication.com	sci-hub.hkvisa.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	fonts.googleapis.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagservices.com	googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	match.adsrvr.org	4 redirects
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	a.clickcertain.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects
2	sync.teads.tv	1 redirects
2	secure.adnxs.com	2 redirects
2	i.liadm.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	x.bidswitch.net	2 redirects
2	s.tribalfusion.com
2	a.tribalfusion.com	2 redirects
2	pm.w55c.net	2 redirects
2	cc.adingo.jp	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	aep.mxptint.net	2 redirects
2	g.rtbrain.app	googleads.g.doubleclick.net sci-hub.hkvisa.net
2	adservice.google.com	pagead2.googlesyndication.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	trace.mediago.io	1 redirects
1	dsp.adkernel.com	1 redirects
1	rtb.adentifi.com	googleads.g.doubleclick.net
1	fksnk.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hub.hkvisa.net
1	m.nih.gov.scihubtw.tw	1 redirects
0	kitbit.net Failed	img.sci-hub.shop
0	share.pluso.ru Failed	img.sci-hub.shop
173	45

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
hkvisa.net Cloudflare Inc ECC CA-3	`2023-02-08` - `2024-02-08`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
g.bidbrain.app GTS CA 1D4	`2023-01-31` - `2023-05-01`	3 months	crt.sh
g.rtbrain.app GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
adentifi.com Amazon RSA 2048 M02	`2023-02-22` - `2023-09-03`	6 months	crt.sh

This page contains 20 frames:

Primary Page: https://sci-hub.hkvisa.net/
Frame ID: 761F39F281A376B838DB4EA43A112676
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: F4F89F177AE937E64AF9EEC08FE4A98D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186
Frame ID: D5DF303C2A3092147356C8D0CB147262
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1677748654&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654591&bpp=4&bdt=293&idt=186&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P23oAXUhxO&p=https%3A//sci-hub.hkvisa.net&dtd=192
Frame ID: 304C6B2ACD995652EB1900464CCF7377
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1677748654&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654619&bpp=2&bdt=322&idt=169&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185
Frame ID: 3A5E11DF42EEACF0ECCE12EF5575AC58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FEF9460B95C392AE408EC54107BC7E7B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: ADD0540E37ED3CEF32BB100BBEAECC3B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Frame ID: 11CCE0A85427FEDBA9674E24921205FC
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Frame ID: D766BE2F9692E06B4DBE05482C9FE2B3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19
Frame ID: 447ABE41CC3C8805F39183A303C9C830
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Frame ID: 30605CD33306E952E21A253E3B4F5EA4
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8995E56B89F13435E9AF7215DA9B983A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EBE9B3A938DC2E654AC613C2A86B7DFB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js
Frame ID: C09312AE4EC39D1B2063D683C23C0B92
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11836E2382594C3B791999FE6138A433
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B9EE16970A15C30ECEC340420BEF37D8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23831EFE48E77D35B301002C671C82FF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21FDF248142C21841F49F27137FB20BD
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E31C0F78FF49EDFF4170813EA5BC7C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1A86A2983CDA252C3623B77D24BA844
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sci-Hub

Page URL History Show full URLs

http://m.nih.gov.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

173
Requests

80 %
HTTPS

42 %
IPv6

40
Domains

45
Subdomains

17
IPs

3
Countries

1587 kB
Transfer

3659 kB
Size

48
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.nih.gov.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://aep.mxptint.net/sn.ashx?google_gid=CAESEPIvE6ZCQ6y9yd0KEL5d9Mk&google_cver=1&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A&google_hm=UjFCMzMyX0ZFRTQ2NjNEXzExMURFRTU%3D

Request Chain 112

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx_f7SMhlWw629joKD6hC5xjWUvtKU6tXC6BR-OEQbg_4qbTCZSsMko94axCI6f_4vQJ9wpD9687lM1kAxjS81XpSTLxaxbQpw HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx_f7SMhlWw629joKD6hC5xjWUvtKU6tXC6BR-OEQbg_4qbTCZSsMko94axCI6f_4vQJ9wpD9687lM1kAxjS81XpSTLxaxbQpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

Request Chain 113

https://d.agkn.com/pixel/2175/?google_gid=CAESEKqBE6pgwaoXd6LYnFclshg&google_cver=1&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw&google_hm=Q0FFU0VLcUJFNnBnd2FvWGQ2TFluRmNsc2hn

Request Chain 114

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEGZjTg-FI1WY-KsbU0Pwl8&google_cver=1&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYTVMfNvPh-5ruwOw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vLQrl2ARe-AWV4o6xM2iw2&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYTVMfNvPh-5ruwOw

Request Chain 115

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEKAJDFjpRETnmM-h8NnCS0k&google_cver=1&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEKAJDFjpRETnmM-h8NnCS0k&google_cver=1&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc&prevuid=05010002_640069b5923f5&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc&google_hm=MDUwMTAwMDJfNjQwMDY5YjU5MjNmNQ%3D%3D

Request Chain 116

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ

Request Chain 117

https://cc.adingo.jp/adx/push/?google_gid=CAESEEfmnjEO0-xBnmJIjakJ3tM&google_cver=1&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw&google_hm=a83cddb24791fc8c7b1ad1b37b37ace0

Request Chain 121

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U2wzTVVSSjQxUHhGNGM1&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE

Request Chain 122

https://a.tribalfusion.com/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 123

https://aep.mxptint.net/sn.ashx?google_gid=CAESEPIvE6ZCQ6y9yd0KEL5d9Mk&google_cver=1&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI0gtW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI0gtW&google_hm=UjFCMzMxX0ZFRTQ2NjNDXzExMzM1QjU%3D

Request Chain 124

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELVfXDkskqp2qhM7jjo29f4&google_cver=1&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqBtfeIdvt6chPcb8odrWDxt02ZcO9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqBtfeIdvt6chPcb8odrWDxt02ZcO9

Request Chain 125

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEGZjTg-FI1WY-KsbU0Pwl8&google_cver=1&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1xypRorh260Fpl_yS HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8ewGY9hbQvWNSm3cbehgRQ2&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1xypRorh260Fpl_yS

Request Chain 126

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEQA8u8hba9K3nEJtcz11Q8&google_cver=1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha

Request Chain 127

https://cc.adingo.jp/adx/push/?google_gid=CAESEEfmnjEO0-xBnmJIjakJ3tM&google_cver=1&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1&google_hm=818cff40a82bde0c95bcac1e30ccc49b

Request Chain 138

https://a.tribalfusion.com/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 139

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx8PYR4rtmjDTVQ2AdV9cZ627oWImVvJhvumo2JYpY3lWBj4QejtpkBiaDMiDwzKp1aILJucA8jDgMbHC2y7y3apaq1Jrdgg7PU HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx8PYR4rtmjDTVQ2AdV9cZ627oWImVvJhvumo2JYpY3lWBj4QejtpkBiaDMiDwzKp1aILJucA8jDgMbHC2y7y3apaq1Jrdgg7PU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

Request Chain 140

https://fksnk.com/cs/google?google_gid=CAESEICGsjsk0SpVTeiJVsy-6kY&google_cver=1&google_push=Aa02lx_hT6lCdG1g-7bBgB7NVMqrQwvjDANuW-j_oZOZfFT10e8cs3BMShhbu5kVqtMCU1ScCb85-9gdPXBMH-IcbM8ibCguyvAePQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDEwQzk4NzkwMEFDMTQ1NQ==

Request Chain 142

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH-No8Xbf2tUsTJvngd3TnU&google_cver=1&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH-No8Xbf2tUsTJvngd3TnU&google_cver=1&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ&google_hm=Txe1W2fhRBGOt_9OvXvGrA==

Request Chain 143

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMWitjN8hPmYkR6VcuGxK04&google_cver=1&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMWitjN8hPmYkR6VcuGxK04%26google_cver%3D1%26google_push%3DAa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A1210261728506740645&exchange=193&google_gid=CAESEMWitjN8hPmYkR6VcuGxK04&google_cver=1&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyMTAyNjE3Mjg1MDY3NDA2NDU&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU

Request Chain 144

https://trace.mediago.io/cs/google?google_gid=CAESEI3VshtfiYZaQSXuJD_QT20&google_cver=1&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZWy-MUtG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZWy-MUtG&google_hm=5fa1259d42c343d3415ec014c51078f4

Request Chain 147

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_cver=1&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6f60f7c74a531870&is_secure=true&networkId=14000&version=1&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_cver=1&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAInNa40sh6qAM_PH4EAAAAAAA&expiration=1677835056&google_cver=1&is_secure=true&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg

Request Chain 148

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=1&google_push=Aa02lx99_XDEl2kBAmpg64zwZnPkcyRYjtymgIIIaQ9UOIedFMXDJV1thg96ynD4XHIu0FpO_fwGxzdcJ3IAvlYnv1d0Xs8VoaCYZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OWE1OTlmMzEtMDczMS00ZWY2LWE1ZjUtODBkNDk1ZTU4MTU4&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=1&google_push=Aa02lx99_XDEl2kBAmpg64zwZnPkcyRYjtymgIIIaQ9UOIedFMXDJV1thg96ynD4XHIu0FpO_fwGxzdcJ3IAvlYnv1d0Xs8VoaCYZA

Request Chain 149

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZLjo8d3su0MNiVkSwvQ5A&google_cver=1&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTeUJ-MChQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTeUJ-MChQ&google_hm=eS1La1pYbkt0RTJwSFhoRTFnU1Nyd1FhTDJWMDQwNHFtVn5B

Request Chain 150

https://a.clickcertain.com/px/img/g/?google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=9b248308-7394-44b6-b0a6-f3774318ad7a&ccid=9b248308-7394-44b6-b0a6-f3774318ad7a&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEP_cGcx0gezIvS5yQoRPMMM%2526google_cver%253d1%2526google_push%253dAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF%252dtF%252d2c6UV70M5Uu1cFc%252dC8i2cl6rcxKr9iS5AzWCSZ11qWfkg%2526anx_uId%253d%2524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEP_cGcx0gezIvS5yQoRPMMM%2526google_cver%253d1%2526google_push%253dAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF%252dtF%252d2c6UV70M5Uu1cFc%252dC8i2cl6rcxKr9iS5AzWCSZ11qWfkg%2526anx_uId%253d%2524UID&bidder_id=200441&bidder_uuid=9b248308-7394-44b6-b0a6-f3774318ad7a&_li_chk=true&ccid=9b248308-7394-44b6-b0a6-f3774318ad7a&previous_uuid=1f2d94baf9e44d7e9c79531bf2bd3a65 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEP_cGcx0gezIvS5yQoRPMMM%26google_cver%3d1%26google_push%3dAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF%2dtF%2d2c6UV70M5Uu1cFc%2dC8i2cl6rcxKr9iS5AzWCSZ11qWfkg%26anx_uId%3d%24UID&ccid=9b248308-7394-44b6-b0a6-f3774318ad7a HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fg%2F%3Fdone%3Dtrue%26google_gid%3DCAESEP_cGcx0gezIvS5yQoRPMMM%26google_cver%3D1%26google_push%3DAa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&anx_uId=2582813490691789145 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&google_hm=OWIyNDgzMDgtNzM5NC00NGI2LWIwYTYtZjM3NzQzMThhZDdh

Request Chain 151

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcN_EgkeKFsuGWR2j7V3Rs&google_cver=1&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7S6dprDYUx-zh4B0usMZlDqbOlag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRVzhDSTQtRy1EM0NY&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7S6dprDYUx-zh4B0usMZlDqbOlag

Request Chain 152

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESECHYnJxhUYozj40pkwxXCGA&google_cver=1&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3J3TlcxkYz4hRcKzE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=SahgriqEAUap7ADb8-u15g&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3J3TlcxkYz4hRcKzE

Request Chain 153

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOSV4uGxBXq9bLorspl_QIg&google_cver=1&google_push=Aa02lx888iD6Libi97QkGv7XIsPjzLKpoqAev_Ih2IMGZvmyj5_r4kRYl0BGI_2o2yFBEyw4ct0N_LOADKvUIfnZAPT023dHH7c3ZJ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzgwNTkyNDUtNjhmNS00NmExLWIwOTUtZmRjNjUzMDY5NmU0&google_push=Aa02lx888iD6Libi97QkGv7XIsPjzLKpoqAev_Ih2IMGZvmyj5_r4kRYl0BGI_2o2yFBEyw4ct0N_LOADKvUIfnZAPT023dHH7c3ZJ4 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 158

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

173 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sci-hub.hkvisa.net/
Redirect Chain

http://m.nih.gov.scihubtw.tw/
https://sci-hub.hkvisa.net/

27 KB
7 KB

744ms
525ms

Document
text/html

2606:4700:3033::ac43:aa45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:aa45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42010ba524f3ea737e3d41bb92a10c105625b4fb795dd519e0f67bfbc1903bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=43200 no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a188c1e0c8b1885-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 09:17:34 GMT
expires: Thu, 02 Mar 2023 21:17:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIj%2B6jOqIdZuSJ4mupKWUSPJ2YUzr%2BsDeGZaBAly4M4LV5CVx9M9ONHajrfCuDDFiWY22IrlbBhI1jBEDmPTNKOoE%2B48U7jlkem77S2qX%2B8u3QV%2BF8drVGO%2F6jKZx%2FJ1%2FdJpaIOW8H5wOHMU%2Fpjb3tY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-cache: MISS MISS

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 02 Mar 2023 09:17:33 GMT
Location: https://sci-hub.hkvisa.net/
Server: nginx

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 70ms
12ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612648
etag: W/"5c00bb7c-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki5bXdZMb8Fqj%2FqaJwQRem8xehy%2Fm413RinDvqfJtNqYMo%2Bfb1yhj77A%2Fe4jLD7KT%2F4daoS9s8ceR428qqGC5baR8%2FpZb%2Br87S%2FoX8jBeTLm6qOlsRCJmhyH4a4cphY3M8%2BK9a5LtZp1oLOCQ6RK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c21bb838c0c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:06:46 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 75ms
18ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612648
etag: W/"5c13665c-3dee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmUCsHi00vqTYsmp%2Bxf3hqXHwy1y6JY1jdiDW2feMu2SX2Jd%2FTnPRQTkdiopIV%2BXvpXfqBcEL%2FgKGeBHzrMY5ZttWUyln%2FL6RP5Rc9Syn7fzvwmV02xXLXBYCqqQzpIqORYZzGDTdtmTnn7x4YGQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c21bb858c0c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:06:46 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
23 KB 71ms
14ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612648
etag: W/"5c00bb8c-1798d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piieS8DNATn%2B07Dv8ksUMr6vYqoT1cGpPNI7R74CmYmkmXI9x5Lxl0ZGDxA%2BrvXw7oYRIWFb7s5Gi5iDHO7GpXuclUuh7C5NNb7e1p3U8WauYOScBAKXe%2Bf1PXTUuqpctMTAhkqd1SQ64TsHRPxS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c21bb868c0c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:06:46 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 10ms
10ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUIyqlFhU1%2FDpFSVpTNDoqNBmx2xuZnOKx7VycEwNHRtiiNJmOlIZjd9jlgZkPvRDeRbmN7%2B7VKLRH2qvz7dnKj2YD8TZDGlXgIsjdtZ3z6G2dWDpft1qi9DVzeGOPgf2QA6ovZ5dKJkuChgH6xD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c21fbbc8c0c-EWR
expires: Sat, 25 Mar 2023 07:06:46 GMT

GET
H3 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 18ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRn%2B4NNRRj1YiWLdeNeoKRg63wt%2Fu6GaGGOs9%2FCjUuK0FjLBgklLZXYlJ3pycwx8uyrXhyC8QDuwvRysia%2B%2F8qdw9KMkWVcxdOS%2B92XN7Ht7z6lU3AbGyPOkerxIocTkDrxEpEQHkYD8t%2FoRGBma"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c220a1cc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 58ms
26ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aca17d412ade9f9a72a3d2d27f097a98af97daf83eb211af87c60b444178690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47985
x-xss-protection: 0
server: cafe
etag: 513968448114827620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:17:34 GMT

GET
H3 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 12ms
12ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T83xhUcFP8NTPtr5d%2BXbBOGpXocxAU1lIpJpBKwDF%2Fw6S%2Fboo364mBeX8xG8TQJn3hsbDBCYExE7CBTm0ynaEpsp%2F56bT4%2BKGTI2NLe3Z8suE3HXJBNcGd0LQL9OB3F51qOwECehn99A0r5zOSR8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c224a56c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 17ms
12ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4isrksypSma7csUIWkz7pPQ%2FbZObNWcmF8ZNEPR1xb5%2B1itZBzejDQZ9znqWZxC7xo59NRDz5URR3FNsr%2FtNYYiwz5H2aczXfdoS%2BDCD35HV%2Fhq%2B7F5FPhosYsWhsDhK5GHRKUUBYFnXlDgumn8f"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c225a69c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 19ms
12ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLvo8xVTjdkUCwnTfEWua8lJwDpCCISpQOxNaieb8jhrC2wys7webqLuTrmfjFmNJuqdkuRUPLeyxFJh8teij%2B9BMFSlVrhTVK1XwnXxF7NAI8q3Gml%2B51XTiCq7m7pVOGe5kIYE%2BKPH6isNjsAZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a6bc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 21ms
13ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juuA9dsm7uPxxqOztF82iJlH2Ol8%2BwLU5kci6lEi6CnAo%2FIYg620vxw3IbRjgjA%2F3a%2B56eM9ASlM5GF%2B%2BIv1ggtj9sm%2BERzdExvtb0qk2sBYFXa3ouSJZmEhIqOLxdqsfd30XK9CdeFjOAralvw2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a6dc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 27ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606680
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaH3tPFD6JOCgtmpfzEf9cW6DevG4ok0%2BWwdnCcEz%2F%2BR%2Fq9QtBw3kqaNAlKWvcIiKDT1wuYsiNYQk2OuQhTZnk%2BYI8xmsPenfOCjspI7pCugeNFnxYLt%2Fj1KYFsEW8jAUbR%2FjIR0Cuh7YMLj8JSE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a7cc32f-EWR
expires: Sat, 25 Mar 2023 08:46:14 GMT

GET
H3 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 31ms
20ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzSI2%2B04AaDTvpP33KjOE0e4Ypedv6TPTuE1132Ku01RZG8UzJvJa9lwPi3sVTbBGRRQ1C54HZflAjSjzvd8yxsK2OnVR3Ji07TjEo3CoLiafSOaJTwNUSu2UwnE0QBcjGSVIeBiCtE6xqJ1knIh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a7dc32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 28ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsWDvDjdgoMx7wVv5CqQYV29dDGZtMNd1w3uu0kkIpi%2F7HAfNW9KSOeK45IePLpeBe2HftiVqlplhzziH6phphiKCG%2Fn4u0exbt%2BpyxDRULrqr4WNfolV%2BaN5LLBI%2FPzLuzKyAEmHMia%2FziIVnqG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a7ec32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 29ms
18ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQwKmRfbXeBqrpf3Qk0BIPmDTxPtjmUn2tCizNqXtCDDbNKugSa2CAkgLKCxjsGAOmTp2omPZ4MxpxvaWSKoJB6Ohn%2BvGYXzvdGdlKqjCR9fbTCqDr5XREazgEgomEpDspkzxmN9BHvDzV5PI6p1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a80c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 29ms
19ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FIHkcVRv8S%2F7iv8Wi5ssSHBSFHa806JSM0E%2BzTLkX9qwPJqukVN%2FQ1%2BLzMBKKz133sctlNvqjGxi0u1DdEiB6Lwl180jp8lSp33SwLZeY5jf5EfbNn7joQrFuNu5ApvAdy0WyVSQGknFsGiWWvJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a81c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 28ms
17ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHAzBvgDegQPiA%2FRVOYVhGYiOEgDDhQX3UwZyF8XQNeaOCSBlv%2F9fG4prUJ%2FIHl9vH9EPN%2F%2FpFjodp%2BOP5XZq3RYdtzTgrFSbITD%2Bnld5EkuHxrdX8Usz9y7rBVHD0Lu7cltscmOhfCvq4EsMiAZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a83c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 34ms
24ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 609206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLXbxOe%2BJ97Y%2FI2owRZxmULgcaynSuLA4wxTqSmsVdo0e2SBQ8%2BOaDD702s6pIqftGx9euWCRnccCQJHtczAO%2F2Bmp%2FaE2ZokhAs0i%2BiYF8%2FQSgXzgyXQddyqT9YgpYBh3CEtNIk%2FFScZbi2e%2Bri"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a85c32f-EWR
expires: Sat, 25 Mar 2023 08:04:08 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 36ms
25ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGXQSsen5GIVFdF9H2Sonyt7h8IymtSD2ROTUfamx3jBSIinr12qvqp0wDXjd7QyPcjIt%2BFWZt3jrLuZXg46Hz3u6iDSOFcYM1%2B4fLjRs527ShbDvaLFdJTmmaAq1W3lfNlwutKAVpZEZNFiXl8I"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a86c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 33ms
22ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOJ6SZdFAEvneoXoEo3WH246XAXSxaGik%2FR%2Bs8bfvweQ3GHX9jVEFLji%2BKnMqKoJfZDVBzgyx6M2DHoM80%2BK8pic%2Bgth38h%2BYyMoTxZ%2B0Pk%2FH7Qe6gWlNTFr%2F6nOM6pYuBbqrf4bTm7lADZx8xCo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a88c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 37ms
26ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wD7%2Fus3v0NShMPsMASG0RdG1mJ117olPv7QeIf9y%2FnixtaILaUe6Ngz%2F7H%2Fj73atTvcOF7c2gvbS4g8DeNqrQMeFAShwV2K8QAIMvIOKfB5da%2BIZmwU9MC6WOmIB7AXi%2B43%2B5dswHWJEiO6RlHS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a89c32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 38ms
26ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 612108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLJN4WBwXNIFlkpy8dLZ1f4zFxInABJvJsWVqbhEDnfNMiJMkFF5P%2F9si%2Fi4HKZIRuII%2F5OZ27TuLViodzk3%2FKvLPpbjBVqshBtIhFvjNly7EQtGnn%2Fj5sNXJKZecAX8dJKFSx1VB9rI%2B7GI26Ux"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a188c226a8ac32f-EWR
expires: Sat, 25 Mar 2023 07:15:46 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 13ms
12ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 612108
etag: W/"5c00bef8-a5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bXVxRrJfuxvVvgOfLJqqKKhxuP9Mg4DtbFMHjczfBooncJ3xST5e9rr0d4%2FdMXhnyp%2F%2BOgIg%2Btm2TTTQjkYjPmqwbwToOV79Ae5uTUAKT75WHT0fYDBikojSikNUd5ll0LNjkXxmYhcM7o5mGF6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7a188c22cac6c32f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:15:46 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 49ms
47ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d2a985f6246d4d158a58fe3fc22f8c0e237b4c2bb13edd22bcaf645c515c52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121450
x-xss-protection: 0
server: cafe
etag: 13748770885081091010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:17:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame F4F8 10 KB
5 KB 25ms
10ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 51013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 19:07:21 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 19:07:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
328 B 19ms
18ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8131a513a9dc091336c2f1a626bf83f14e67d380ff422202aec3ed8350e966bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 53ms
31ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5DF 89 KB
32 KB 327ms
327ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67775c51680c9a79083e38f7785bc8cef5099b4241b702204385bf01bb0b249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 304C 436 B
234 B 247ms
246ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1677748654&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654591&bpp=4&bdt=293&idt=186&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=P23oAXUhxO&p=https%3A//sci-hub.hkvisa.net&dtd=192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88d09b92bd97c459d5caa94206e524df883c058507a57efe65cce88f0ecf8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A5E 140 KB
41 KB 494ms
494ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1677748654&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654619&bpp=2&bdt=322&idt=169&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0af524f2a665c75da94eb362f6d487be2583a3f527d9ff828360040dfc338ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 17368753492450477996
tpc.googlesyndication.com/simgad/ Frame D5DF 14 KB
14 KB 142ms
113ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17368753492450477996?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmWH35phWwEjxjUPXuQ89209gvRfw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b73a9de1f94520a870f9e2f51c8008c1fb28e8cac0a341a52f6e538de9d8e14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14434
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 16:20:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 09:17:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame D5DF 22 KB
9 KB 38ms
10ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame D5DF 225 B
355 B 35ms
16ms Image
image/png 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:27:33 GMT
x-content-type-options: nosniff
server: cafe
age: 28202
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 03 Mar 2023 01:27:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D5DF 3 KB
1 KB 32ms
13ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D5DF 20 KB
8 KB 33ms
11ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5DF 158 KB
49 KB 48ms
19ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D5DF 33 KB
14 KB 35ms
17ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13717
x-xss-protection: 0
server: cafe
etag: 17409078185802295553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:39:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D5DF 0
0 36ms
31ms Fetch
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUpEdrmkAZOjnMNSRsALat6z4AuTD4_dtktatzrgQ2te0uKcmEAEg86rhe2DJxqmLwKTYD6AB-vCd0APIAQKoAwHIA8kEqgTNAU_QYtyvfzsxPON5y_fc5FlwVLOeJQLFVOSTNv8ufbOSU4muysK-en3ZwodePLH5uy6tKDQztoNpAimf2jAF4EzwQ7bCYTHBYPCOZyDNWTrOU2HI-PsZ81tsxUMMstWF_weWvqMMvH8VVa9__Rw1lff5ORo0NIQYgRowdtRewO-M_iETIG0b26nPQx_3Q3p-5vsOdSV_vDcN8G4NzRcqz88WguMx_LL9ncDEZdjIt-s2FAdJ3yYcBKOsVUK5Choh2EZ52TQevWdkbED7vkrABPuk8NuMBJIFBAgEGAGSBQQIBRgEoAYCgAfujuIvqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQq4wF0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=qZ1KUJ1I0MU&uach_m=[UACH]&cid=CAQSGwDUE5ymvHC7-JCEHngk_01QKRPlAnRE-bPj7xgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEF9 143 B
166 B 11ms
11ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1677748654&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748654586&bpp=5&bdt=289&idt=161&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&correlator=7643765922952&frm=20&pv=2&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=RcYkDUHpGy&p=https%3A//sci-hub.hkvisa.net&dtd=186
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:04:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D5DF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c358d20ff4b968e538fb50ea5ea7e9833d8c3843b0aa95926a623a8fec2e72a5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEF9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
18ms

Document
text/html

2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame ADD0 36 KB
14 KB 11ms
10ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:32:06 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 150 KB
51 KB 27ms
27ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/reactive_library_fy2021.js?bust=31072569

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d18579ef0b6d5a05ee88a9a11ed2b33c9091757e45c0c8db34f3c337efaca37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52039
x-xss-protection: 0
server: cafe
etag: 1026667329078479959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
19ms Script
application/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 11CC 76 KB
23 KB 213ms
212ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7f7043273a3d76ce583d8e654a3c64d8ff006515e7273cb8d44b605e29d67b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 23998
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D766 76 KB
23 KB 179ms
179ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e75db49898e745334db21dfb96d74176a8e9b9bdc9acdd23dca4548e96fc7be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 23843
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 447A 60 KB
19 KB 222ms
221ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea891fc663d2f579465eb049cd12b9582079f0358c98c5ccd4980ab3283e860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 19111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3060 76 KB
23 KB 225ms
225ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f41d261d10c0b3ea94ca91dd42bb247fa018be1f3997a8f2cda069668c75c51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 23882
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 8995 10 KB
4 KB 10ms
9ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 51628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 18:57:07 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 18:57:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 8995 10 KB
4 KB 48ms
17ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 19:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 28 May 2023 19:55:57 GMT

GET
H2 200 99dc865e115b275ae9421eebd8589b76.js Show response
www.gstatic.com/mysidia/ Frame 8995 10 KB
5 KB 45ms
14ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/99dc865e115b275ae9421eebd8589b76.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b7ed369c9ae686938e7c88b6252eafd6650c76c61e0f749c95d4c8687b35cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 12:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4662
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 28 May 2023 12:30:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8995 8 KB
1 KB 54ms
20ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:19:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 8995 2 KB
846 B 13ms
12ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 8995 22 KB
9 KB 10ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 8995 3 KB
1 KB 9ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 8995 20 KB
8 KB 14ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8995 158 KB
48 KB 38ms
34ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 8995 34 KB
14 KB 36ms
19ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 02:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 02:48:16 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EBE9 143 B
166 B 13ms
11ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:04:37 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8995 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52bca6a61b3c34bf260314f881b596c9c9719324c4007c532d0bc9c3aa3c1035

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame D766 4 KB
709 B 46ms
20ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:28:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D766 1 KB
500 B 53ms
27ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:22:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D766 2 KB
625 B 51ms
26ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:23:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D766 3 KB
1 KB 23ms
14ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D766 20 KB
8 KB 29ms
10ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D766 158 KB
48 KB 44ms
25ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EBE9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
31ms

Document
text/html

2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
expires: Thu, 02 Mar 2023 09:17:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame C093 36 KB
14 KB 36ms
18ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:32:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 11CC 4 KB
709 B 41ms
29ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:24:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 11CC 1 KB
500 B 40ms
28ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:22:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 11CC 2 KB
625 B 41ms
30ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:27:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 11CC 3 KB
1 KB 36ms
25ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 11CC 20 KB
8 KB 21ms
12ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11CC 158 KB
48 KB 56ms
46ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D766 0
0 56ms
47ms Fetch
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEe5Tr2kAZJj_IZKbzLUPtaOriA-Lv4iuZvG66fX_DsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzjIAQmoAwGqBM8BT9CYPS2-CHi-CoXo3Smxt7tkfVDcsZ94rnbdbRTxG0uEF8uBBI1tYdp2Kvt6vzqtjeQYMBxtUAPLKpuymHnf0XoPIOKPi3Q_wIp-nFstpWx_viwN4Rd2qUedyWObHKIHLoBOZJCILd5FhofKRiZvRk33SHhBVWATCiOqY0cql_toxjPY10xFDU0xkCwpYe_xZIO3DAXvu2ohh8IFkmkAeteI5E7rA4BF51fDMqfIQhTPhsLUQVk69U_Y_NGAsDvSsL7Mu_wQKextvc2tvMYUgAak-PDamMvU3VOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=wer0jdDuNoQ&uach_m=[UACH]&cid=CAQSPADUE5ymng3gI-1m900h7DPAVJv3bW3GgyzBrahDCVmBI0bNGfAmfQCsELhIpN4hnmOwbZA237X5FbzlbhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame D766 0
0 114ms
42ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11edac76-b8db-11ed-b7d5-52134f4f9444&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=imp&p=ZABprwAIf5gAsw2SAArRtY6N8zABpOifptL8uw&im=ZWKElhbe-9-4f6uRBSzoqjb9PUZAbQbtIfmWtbPxkcyphWjdRFB5hCTkSVCbbdR-DjT87Z7bD7aYPSU_m85V0qEhoZSY3mglybM9qXkcOWEBHbTTXdb_MhpTionMBd8srvMaNifjSqVJ5rZLudAC4cEaIhiMF0jpUgFNxo-LxG7wyYjtsyU3Vl79oTkhcvyyyHVZaXFa6VP39OLzx9q6nyvxZLEbwXUwHHq4oDBdn40V_Kua5u0KUlrf0MtWDxsClwwlsWB6iAiAJt-7FT2nIg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:35 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8995 0
18 B 48ms
41ms Image
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjKznrmkAZI-pNMeezLUP77-72Any7KzrY_HfkO_mDdrZHhABIPOq4Xtgycapi8Ck2A-gAYCGr9QDyAEBqAMByAPDBKoE4AFP0IHaJJB9r-nIGbHjeT9nMn7X2LROet_g-9ERzv1YNxTfZg2duLl9KZCkA2t4KlHlsLD-_IwLi46YKnEJy7BJtVygcrDglNvK2oGeN2yC_C8E8vbZe_craw1IgDYkRMRfGlQ0df9YcrZfFkrQvkpwvO4WshZtBsTorEXfwCirLyaBXkMhstfHL2mS4E6qSQFT3lelaVsV_W3mQzu2TE2DZZ5dGKuvTeIVea0zRrsDkENZIO90yt_o7qP8R-tJquBesgLU9lb2aXuUw0YD5lzAsCEhf3kh3wz-zQ45RNu-LsAErpOQltQBkgUECAQYAZIFBAgFGASgBmaAB-j50CuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC4-BDSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItNDc4ODA4MzIxOTIyNDI3OBgA&sigh=6Mfo-IK9vk4&uach_m=[UACH]&cid=CAQSGwDUE5ymFbXNGsaie2ntxLqsS48BDmGWi7MhlhgB&vis=1

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 447A 4 KB
636 B 41ms
29ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:25:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 447A 1 KB
427 B 41ms
29ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:24:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 447A 3 KB
1 KB 29ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 447A 20 KB
8 KB 36ms
24ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 447A 158 KB
48 KB 46ms
34ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 11CC 0
0 41ms
32ms Fetch
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYc0Zr2kAZI_6IYOZ0_wPjdi28AWLv4iuZvG66fX_DsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzjIAQmoAwGqBM8BT9BmW8EzzFtl2yCARtMpEVukNdvKi8ZMb5TBwf6QaTSK4FjppYBxAwK37P6GO_oSvxVodexhCI3ml8Sm2K_n9ZSvMvXMD7H7tfUQsrf-UYsX1Drpgk9PFxLzKxARKS21xkTj6RlQVRE0pHyo2L9vQNBsR5KbAIG4k8NAg775sUHBG3-yKClNBtKt2Kb0J93GMwE3jJECQEYQheasi0qOnWyxE0Y2g6w_MoubiBTCSb4hG5VERVRO2k7TSNx8L_N5hckJC74nsbLyyBnyHbX8gAak-PDamMvU3VOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=1Z6pZam5i1A&uach_m=[UACH]&cid=CAQSPADUE5ymPzDKfwiUy09xpOfnoU9vFlZSHaz94WnhdOFcgAeQzE9aNvh9lLY_p8IXrkliz1UxPcrU2Vs40BgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 11CC 0
0 88ms
43ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11f2ee61-b8db-11ed-b7d5-52134f4f9444&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=imp&p=ZABprwAIfQ8JlMyDAA2sDVUZLQ_4r1FRU-8oww&im=0HTsduhdXHsSt2LDn49zNrIfaLPjM856fFKBB2gbJwVC3HKOxYMZGsEbYs4hwrwP955O6HQCQTkAsRjce7B_I86li02BmBuRfvy9XHbNkc8XnDG_IVTb2Nr3nHRSoPzQrQk_dLwlNUr2dME7r5WUrtIo4F0hfpQbIXTqwMqgTZPpvmyrDuRUiutzwNXYZzS8NJf_N2U2EfttEUQQ9CAwtmRxY7iscgIaucYq97IoDqFlPdL6GfEbP6ICMU0GiAh6SBUAwmiL28ww5hd3Kqcbnw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:35 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3060 4 KB
636 B 47ms
24ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:22:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3060 1 KB
427 B 44ms
21ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:27:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3060 2 KB
552 B 45ms
22ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 07:23:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 3060 3 KB
1 KB 28ms
12ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 3060 20 KB
8 KB 31ms
9ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:33:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3060 0
0 38ms
22ms Image
text/html 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtfhbyZVdni3tvJMLWitQ1KIURCWzBqnmJZMluDkbwibBAzQUBBxlnVNvRHPxjgewJdwiwTfQY6XXB-E48Ga_Jcl0jqA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3060 158 KB
48 KB 44ms
28ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 447A 0
0 54ms
34ms Fetch
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKTMBr2kAZKaHIuen0_wPxc6wgAKLv4iuZvG66fX_DsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzjIAQmoAwGqBM8BT9B7qrKrc7wrza5rVZ1osnAXF0xhUPFgzeB7FQF6xAo5moreyy_CmUEz9utlrdblWoeU5C2w5wHyVg4jIWxx4z-OO_ru691fTgGG91u5LtQXLl9i0scYNZHLxH9pG2b4XTXYksYMuJAphkLrf1fy_e_nuv-dqCMmsKcB08D0XqnnktxMk5HGP2uMQQNfA_bHLRrwjW-lds7wSqJA1JUs5d0eJR5AmKqR4DlzUpqNQu2Had_3f4Gli6LhYGKD6yum0d4eKyJU1x92iECdyyt5gAavtZ29xrzklyqgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=Xeh6w2Nf5xU&uach_m=[UACH]&cid=CAQSPADUE5ymdMlogcSbEJl09Q4NiZBrs-VB3m4TN2bCVR_ifFllsdGkEqXWzbivlUorJc_oqFCsA5Lqk9AxfRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.rtbrain.app/ Frame 447A 0
0 89ms
43ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.rtbrain.app/rtimp?sid=11ef980a-b8db-11ed-8c1b-9a1e25263f45&d=sci-hub.hkvisa.net&cr=dts_gen2__7&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=imp&p=ZABprwAIg6YJlNPnAAwnRcTy4K6wDIvseqYtMA&im=4lw_gHgVAzbFT44X3vubq2mXsz3uq6fY_42GTUjZ_vK8c_yM4PbbBKWGPXaqSAVdFGJTbcoG2ALxOB1NVOhrGXGwoP_W4zuj643iysrTkW8EmIqtA3gcJVKno9QVrhsk6yNl-S6c_w8AzcUWcqJWQef92KwRp2UtKlDrXBenZFKfpW3AjtAEIzgs07sgW7Vz_1HTByH1gFcl6FzGdtcx3XQ_IdoESMATK8Zw0E69Q7kWgWixyW1ChWkPoetOgrnRpoh-OKvD52bvzrYjw6gLmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:35 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3060 0
0 61ms
47ms Fetch
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpTW1r2kAZNWOIu3Kj-8Pj46tmAqLv4iuZvG66fX_DsCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzjIAQmoAwGqBM8BT9CusDybjikxOUwWFmsQXK8is8dzBvjKqz7i1hFtu0RpOyH9Wp7z9opjQnqIeFc4vFskxH2nX555zBiIb5Q00PZmcdREenfX1yiI2KJ4jaAvwWotUqUk6eeoCPPzyV9OKjKlyMBr4kKP0J5jkT7uniBpjHRx2krcyUxwDYUSNKgveE-T2s1zOxqOMvUcnTjq06ls165XFEK0LLycvMn8f7l3nwyhkpZZnXlGucwXw9C4YlSi7-yppGkkGRukhRHbancqkD7hAuqpom6bTM2XgAak-PDamMvU3VOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=RL7Nz3yzW1Y&uach_m=[UACH]&cid=CAQSPADUE5ymuN7W4Cs6fKuAF-bhcEkwalePGBC8OuKo01KErnExO66pF-ADP1cRU-jNtC2yb-fTLQ2p1dZBqRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 3060 0
0 56ms
41ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11f1862a-b8db-11ed-a7e6-7ae30d27cd07&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=imp&p=ZABprwAIh1UH4-VtAAtHD9gxTpjK3cGYZlDVsQ&im=KQbsAFBJ3KjHGjht34E2d8Ocumb0Utf9xxJOEpognx_-ft-9JYVuJvsTbI7PPa6I9fcxMTrcTcJr1ae3z4iMOlID6TzEagmPwAWh1dXN_Jv0lNT2iLo4QaJM43y_unRV_5JehhrMtAY5gNR6lu5CaptHmX3oLW2JhaLQKducuqzjCtIy5HUsALRiazRGbTLMzAsfKE3bzEwzdn3_PD_oGB7a1RD_cgc8zrb5tNANq4c53NTI2w-dV64TRCb8bSBydOKl5LkBmf4oMwXELoDWlQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:35 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1183 1 KB
643 B 11ms
10ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 20:36:02 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 20:36:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B9EE 1 KB
643 B 11ms
10ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 20:36:02 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 20:36:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D766 0
0 45ms
34ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.03796558993762855
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame D766 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb08b68fa1b31eefdd289a2378210a4172d68a963da56f2e3f79b2529dc147c9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D766 15 KB
16 KB 37ms
9ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:23:29 GMT
x-content-type-options: nosniff
age: 230047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 17:23:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D766 15 KB
16 KB 40ms
13ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 05:38:15 GMT
x-content-type-options: nosniff
age: 272361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 05:38:15 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 11CC 0
0 32ms
31ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.22062994287467985
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 11CC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 960033a80d3119d5348c4e3435d34e69b841dff64ea518c2de3a5842cc6fe846

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 11CC 15 KB
16 KB 15ms
14ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 05:38:15 GMT
x-content-type-options: nosniff
age: 272361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 05:38:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2383 1 KB
643 B 10ms
10ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 20:36:02 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 20:36:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D766 0
0 33ms
33ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.12225599800670461
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 21FD 1 KB
643 B 44ms
17ms Document
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 45694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 20:36:02 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 20:36:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 447A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41319636de97a7cc96c92a6f7e4b29713a5524bea39fc9cab76c2f2eece52974

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v11/ Frame 447A 11 KB
11 KB 30ms
28ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/secularone/v11/8QINdiTajsj_87rMuMdKyqDiOOg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46989820a9b0643099415ba7b00bd0e2e48ba06142c0b5ab3035818c2b303e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:26:24 GMT
x-content-type-options: nosniff
age: 175872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 08:26:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 447A 15 KB
15 KB 10ms
10ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:23:29 GMT
x-content-type-options: nosniff
age: 230047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 17:23:29 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1183
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEPIvE6ZCQ6y9yd0KEL5d9Mk&google_cver=1&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A&google_hm=UjFCMzMyX0ZFRT...

170 B
232 B

36ms
29ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A&google_hm=UjFCMzMyX0ZFRTQ2NjNEXzExMURFRTU%3D

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx_nQb1VsFi8YV62KQJnKDO8fdakLladYiDAh_B_WRkwK3RFVPwpXAhNy9yx53Uy2ivUFjgVAXFpvS8Ya8HUg5q5S_TWVufr6A&google_hm=UjFCMzMyX0ZFRTQ2NjNEXzExMURFRTU%3D
Date: Thu, 02 Mar 2023 09:17:35 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-360735456; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 342
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1183
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx_f7SMhlWw629joKD6hC5xjWUvtKU6tXC6BR-OEQbg_4qbTCZSsMko94axCI6f_4vQJ9wpD9687lM1kAxjS81...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx_f7SMhlWw629joKD6hC5xjWUvtKU6tXC6BR-OEQbg_4qbTCZSsMko94axCI6f_4vQJ9wpD9687lM1kAxjS81...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

170 B
232 B

82ms
63ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1183
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKqBE6pgwaoXd6LYnFclshg&google_cver=1&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw&google_hm=Q0FFU0VLcUJFNnBnd2F...

170 B
232 B

50ms
31ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw&google_hm=Q0FFU0VLcUJFNnBnd2FvWGQ2TFluRmNsc2hn

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:35 GMT
via: 1.1 fc527c9e0a8a22ce61e1580f7382bcf8.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx_WwTNP7usiN6bNxwMklgyPM-HzjDWMp5Bthkbe-lpUh--oM6rkG9AxvMpqo3zOlia7PbhTZKHwYRuMubbzq3NGPZIWhMHRrw&google_hm=Q0FFU0VLcUJFNnBnd2FvWGQ2TFluRmNsc2hn
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: gqfkt4F0sB8PMOXFxw6WFRdVpFBhTL8SdWpEom3rPAlgDQjSTkJ0Mw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1183
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEGZjTg-FI1WY-KsbU0Pwl8&google_cver=1&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYT...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vLQrl2ARe-AWV4o6xM2iw2&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYTVMfNvPh-5ruwOw

170 B
188 B

37ms
32ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vLQrl2ARe-AWV4o6xM2iw2&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYTVMfNvPh-5ruwOw

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8vLQrl2ARe-AWV4o6xM2iw2&google_push=Aa02lx_mPQkiVo7on7pvkEJMlkv1X-WTBOmo8zE4PHRhI9K3CQaouMeIMUSK1_ukIp3D5jGsyUgMC--cyL3W2wYTVMfNvPh-5ruwOw
x-host: tde-deliveryengine-production-cdcfc8b9-x4p66
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1183
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEKAJDFjpRETnmM-h8NnCS0k&google_cver=1&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJa...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEKAJDFjpRETnmM-h8NnCS0k&google_cver=1&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJa...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc&google_hm=MDUwMTAwMDJfNjQwMDY...

170 B
188 B

29ms
29ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc&google_hm=MDUwMTAwMDJfNjQwMDY5YjU5MjNmNQ%3D%3D

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:17:35 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx_AtPEZQ8fXyW1gXi5YLTHVbi8LMJCPpfYGui9YtMRNBUKsw5IxktZc8wGLiFDkqVqYzyzxcwXFJaIupeXUxLW3oaM_9xUc&google_hm=MDUwMTAwMDJfNjQwMDY5YjU5MjNmNQ%3D%3D
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1183
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

36ms
31ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-KdnOKbSt0AqDOd28SP2-BkXxd_VuDL0DOSA9FIlb3C2opV002JjUIuMn8pRu1Ado8cEKGbhKaW6ZoguF1THJBenl_ih1dUQ
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1183
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEEfmnjEO0-xBnmJIjakJ3tM&google_cver=1&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw&google_hm=a83cddb24791fc8c7...

170 B
232 B

41ms
38ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw&google_hm=a83cddb24791fc8c7b1ad1b37b37ace0

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx-UP3rlN2r_vX3RACv5vKxpyNylBPPOWQiFUQgj_bmhfaV8AoU_nIF-yqgZsSgtuvmVVwzVzWYXZ9ucOetVVDcn-oqAeKS7Uw&google_hm=a83cddb24791fc8c7b1ad1b37b37ace0
date: Thu, 02 Mar 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1183 0
49 B 124ms
22ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPXTEOz4UttNWttUrXr8X8kIkYQshVRTm6L9HOEASt-qp50chVOhUBdVJ2aI8j3e2V3zhV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 rtimp
g.bidbrain.app/ Frame D766 0
303 B 39ms
38ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11edac76-b8db-11ed-b7d5-52134f4f9444&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=load&p=ZABprwAIf5gAsw2SAArRtY6N8zABpOifptL8uw&r=877232167&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 11CC 0
0 48ms
47ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.05104588442469438
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9EE
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U2wzTVVSSjQxUHhGNGM1&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfB...

170 B
188 B

28ms
27ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U2wzTVVSSjQxUHhGNGM1&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:17:35 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-0fb9a6fe1de828d8a@us-west-2b@dxedge-app-us-west-2-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U2wzTVVSSjQxUHhGNGM1&google_gid=CAESEBgtkvsuKsVOLIL8nKxpbW0&google_cver=1&google_push=Aa02lx-MeVxNcxvXa5eE1Yoj6XhiV-4kCSJP-lI9YT7lgfBAF31Zv_o943Zd-iS2pmqC6lrrLwQADs6VKec6dCu-YeEiu3-08yhEWiE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B9EE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvh...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWL...

43 B
420 B

95ms
76ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a188c2ebc5cc355-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1298
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9kqk0c7cEwhSLp2DEpZVZaMN0gE6aX85M3CUAR28ZiMFPBwhdVqRrtMKSndLnO7m8NKSIKVdJBmL0WM-mFJzATsK6bAWLvhLBK%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a188c2e1be1c355-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B9EE
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEPIvE6ZCQ6y9yd0KEL5d9Mk&google_cver=1&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI...
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI0gtW&google_hm=UjFCMzMxX0ZF...

170 B
232 B

38ms
30ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI0gtW&google_hm=UjFCMzMxX0ZFRTQ2NjNDXzExMzM1QjU%3D

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=Aa02lx8rSmsY1h4Rg5A2-Hz_-xs23PZ4n5hPWs99lnCiHtS9_ZFqsLr1BH3k6s2Rbp7HMNA5lnSTSJoFAkxdbvpeZ_JLHAKwDaOI0gtW&google_hm=UjFCMzMxX0ZFRTQ2NjNDXzExMzM1QjU%3D
Date: Thu, 02 Mar 2023 09:17:35 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-360735456; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 344
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B9EE
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESELVfXDkskqp2qhM7jjo29f4&google_cver=1&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqB...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqBtfeIdvt6chPcb8odrWDxt02ZcO9

170 B
232 B

32ms
29ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqBtfeIdvt6chPcb8odrWDxt02ZcO9

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:17:36 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: ABF311858F5C430F84078F23A2BD4D28 Ref B: EWR30EDGE0115 Ref C: 2023-03-02T09:17:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=Aa02lx-2UWI4_OQAuDnEJ8O_CxUkUT4VG4w_UavLgerrXLoYgTXI9fLmklNwJFyCuBVjtXcQJzuqBtfeIdvt6chPcb8odrWDxt02ZcO9
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX150yvYyBVBrPIl9qCsw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9EE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEGZjTg-FI1WY-KsbU0Pwl8&google_cver=1&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8ewGY9hbQvWNSm3cbehgRQ2&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1xypRorh260Fpl_yS

170 B
188 B

44ms
39ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8ewGY9hbQvWNSm3cbehgRQ2&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1xypRorh260Fpl_yS

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=8ewGY9hbQvWNSm3cbehgRQ2&google_push=Aa02lx_vfBLxsrMjXosjJh-6cIj2UJxfxF17W_dg096XNPe8gbbD0RmYGfgE6gJCmb410V9ipvJowteUc8gemmW1xypRorh260Fpl_yS
x-host: tde-deliveryengine-production-cdcfc8b9-x4p66
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B9EE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

183ms
159ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vzs_jr0rTP-5Mx52cZp8kQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-Yg20q90FrvEYDwoD4dn2N--u0xzCRJghQwRhym3f7j6-ajmRcpaXilPvM3kpn-rA1_04eLCZp5MmVDCt6kuUCCtMWaWnSYOha
date: Thu, 02 Mar 2023 09:17:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B9EE
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEEfmnjEO0-xBnmJIjakJ3tM&google_cver=1&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1&google_hm=818cff40a82bde0...

170 B
329 B

32ms
30ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1&google_hm=818cff40a82bde0c95bcac1e30ccc49b

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aa02lx_mu1dZqHb7SCkSXUAXL5U8bTQLezKGOa7gduayNnh5gFVahKRyGoB-fc5iWL0PyM5tb25nbrI-xnQ30vFi9tzmjSXjUufx3La1&google_hm=818cff40a82bde0c95bcac1e30ccc49b
date: Thu, 02 Mar 2023 09:17:36 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B9EE 0
139 B 95ms
21ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LviwSA-KRcviwBxSjf8Q8g4zkxKfTi6OhxaY6muSdJ8IVu7bCyfKXdsX0j1hmSBzTlYRX6

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 rtimp
g.bidbrain.app/ Frame 11CC 0
18 B 43ms
42ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11f2ee61-b8db-11ed-b7d5-52134f4f9444&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=load&p=ZABprwAIfQ8JlMyDAA2sDVUZLQ_4r1FRU-8oww&r=742710973&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 3060 0
0 41ms
40ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.7647406536271211
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 3060 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e36d0d0662ff83906b59c84aef4120d07dd52bbfb289b3e72b69de03168100a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3060 15 KB
15 KB 47ms
19ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:23:29 GMT
x-content-type-options: nosniff
age: 230047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 17:23:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3060 15 KB
16 KB 56ms
27ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 05:38:15 GMT
x-content-type-options: nosniff
age: 272361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 05:38:15 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5DF 42 B
64 B 73ms
40ms Fetch
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-70FNUVg9O8uJ7Fzu1DuZsHMipstDRMvuIfaezCZnLlgWG6RE6FaMZOo5G9lbExWRaD6O662jN6PelJAz1KGbmVlSypJCLzo9IMlQ--K59hF78QbhSQBaV1rV6gkYRfOZveU&sai=AMfl-YSkkmZr_TD54NKiJ3lBMa6anDH_2N5cHffC6guwVIwTbVD4EklKonsK6flHUPjTOblnPyw_pbnH4Dxm&sig=Cg0ArKJSzFzbqYoJgGnWEAE&cid=CAQSGwDUE5ymvHC7-JCEHngk_01QKRPlAnRE-bPj7xgB&id=lidar2&mcvt=1032&p=0,0,90,970&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1980608376&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677748654774&rpt=489&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D766 0
0 74ms
54ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.41637748311684786
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 11CC 0
0 73ms
54ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.10194971386790308
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 3060 0
0 73ms
54ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.6468975553610083
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2383
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhP...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVz...

43 B
389 B

93ms
78ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a188c2ebc5bc355-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2911
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEES3nVQlnPhVJ0QNicbzK3E&google_cver=1&google_push=Aa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9JvUM4mHytsnQCeJ4__jEI8G926n_LtPjhRfinHWojVW7AfQ071hgyUfUP8RfQmhX4RF72gBTpGTSXLPw3PPTffqLMIVzhPbI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a188c2e2be5c355-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2383
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx8PYR4rtmjDTVQ2AdV9cZ627oWImVvJhvumo2JYpY3lWBj4QejtpkBiaDMiDwzKp1aILJucA8jDgMbHC2y7y3...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESENE6oOBD7PPAygrX5Wu3coo&google_cver=1&google_push=Aa02lx8PYR4rtmjDTVQ2AdV9cZ627oWImVvJhvumo2JYpY3lWBj4QejtpkBiaDMiDwzKp1aILJucA8jDgMbHC2y7y3...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

170 B
232 B

57ms
38ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDk4NjZjY2EtZTgwYi00NTY3LWE2NTEtYWJkZWVhNGY1MjJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=09866cca-e80b-4567-a651-abdeea4f522a
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2383
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEICGsjsk0SpVTeiJVsy-6kY&google_cver=1&google_push=Aa02lx_hT6lCdG1g-7bBgB7NVMqrQwvjDANuW-j_oZOZfFT10e8cs3BMShhbu5kVqtMCU1ScCb85-9gdPXBMH-IcbM8ibCguyvAePQ
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDEwQzk4NzkwMEFDMTQ1NQ==

170 B
188 B

33ms
28ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDEwQzk4NzkwMEFDMTQ1NQ==

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=MDEwQzk4NzkwMEFDMTQ1NQ==
date: Thu, 02 Mar 2023 09:17:36 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2 204 CookieSyncAdX
rtb.adentifi.com/ Frame 2383 0
287 B 85ms
6ms Image
text/plain 35.172.37.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEM8-9N_rNVUAR_GsutrqEFk&google_cver=1&google_push=Aa02lx9HIC2wP6bh9LF_EWKSSCNKgDnEVMIKbKA6ZfDJIjNRjXJs9e-6eIarnFPPwrUiNQqygPzCLQy9JLMwMaA1Z5VslQ0VmlzUa08
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=1692844409&adf=1628876219&pi=t.aa~a.3826039709~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2614&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=uHxHHha3Rx&p=https%3A//sci-hub.hkvisa.net&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.37.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-37-30.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2383
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEH-No8Xbf2tUsTJvngd3TnU&google_cver=1&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuX...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEH-No8Xbf2tUsTJvngd3TnU&google_cver=1&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JP...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ&google_hm=Txe1W2fhRBGOt_9OvXvGrA==

170 B
188 B

34ms
28ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ&google_hm=Txe1W2fhRBGOt_9OvXvGrA==

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ&google_hm=Txe1W2fhRBGOt_9OvXvGrA==
Date: Thu, 02 Mar 2023 09:17:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2383
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMWitjN8hPmYkR6VcuGxK04&google_cver=1&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmO...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMWitjN8hPmYkR6VcuGxK04%26google_cver%3D1%26google_push%3DAa02lx-PFwRLEu1Ks1WQcO...
https://rtb2-useast.e-volution.ai/sync?adkuid=A1210261728506740645&exchange=193&google_gid=CAESEMWitjN8hPmYkR6VcuGxK04&google_cver=1&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbws...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyMTAyNjE3Mjg1MDY3NDA2NDU&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chm...

170 B
188 B

29ms
29ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyMTAyNjE3Mjg1MDY3NDA2NDU&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTEyMTAyNjE3Mjg1MDY3NDA2NDU&google_push=Aa02lx-PFwRLEu1Ks1WQcOMj5JFLiQ1t-asEXLyq2QYIYJczrbwsYyIV8dgVTv0NxSLkpqjdXEg8chmOwgIws-sK1uxqgKftgGbEUCU
Date: Thu, 02 Mar 2023 09:17:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2383
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEI3VshtfiYZaQSXuJD_QT20&google_cver=1&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZ...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZWy-MUtG&google_hm=5fa1259d42...

170 B
188 B

29ms
28ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZWy-MUtG&google_hm=5fa1259d42c343d3415ec014c51078f4

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx9naq8bOWYAkWj1uGvO_RLEa3WdoQPz6jx4cOPAMmKjXKW8czy_uuk4AwcOYQ6KiNoE2asW0Doh8VUg-uFKLMCcFEKzZWy-MUtG&google_hm=5fa1259d42c343d3415ec014c51078f4
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2383 0
40 B 38ms
22ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPM-wW1l0cCA84hK2PqwErjPHedWfwxN_vllfrDTOY37o0e0CUboQZAwJ4IvglQoei8SkoS3U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 rtimp
g.rtbrain.app/ Frame 447A 0
127 B 53ms
36ms Image
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.rtbrain.app/rtimp?sid=11ef980a-b8db-11ed-8c1b-9a1e25263f45&d=sci-hub.hkvisa.net&cr=dts_gen2__7&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=imload&p=ZABprwAIg6YJlNPnAAwnRcTy4K6wDIvseqYtMA&r=383909104&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FD
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_cver=1&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5ev...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6f60f7c74a531870&is_secure=true&networkId=14000&version=1&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_cver=1&google_push=Aa02lx9FkpG2...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAInNa40sh6qAM_PH4EAAAAAAA&expiration=1677835056&google_cver=1&is_secure=true&google_gid=CAESEOnoeSRWgy-E2CiCihqvl...

170 B
188 B

39ms
38ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAInNa40sh6qAM_PH4EAAAAAAA&expiration=1677835056&google_cver=1&is_secure=true&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAInNa40sh6qAM_PH4EAAAAAAA&expiration=1677835056&google_cver=1&is_secure=true&google_gid=CAESEOnoeSRWgy-E2CiCihqvloE&google_push=Aa02lx9FkpG2lm9kfm6u3i-qEzLnhiquJlA1nhgVjUAnNhShOyRM5evpUBV9jetI-OSBby9XjYOvhh1QgNLMG6AjWSeo2ZxRDAubIg
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FD
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OWE1OTlmMzEtMDczMS00ZWY2LWE1ZjUtODBkNDk1ZTU4MTU4&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=1&google_push=Aa02lx99...

170 B
188 B

33ms
29ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OWE1OTlmMzEtMDczMS00ZWY2LWE1ZjUtODBkNDk1ZTU4MTU4&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=1&google_push=Aa02lx99_XDEl2kBAmpg64zwZnPkcyRYjtymgIIIaQ9UOIedFMXDJV1thg96ynD4XHIu0FpO_fwGxzdcJ3IAvlYnv1d0Xs8VoaCYZA

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=OWE1OTlmMzEtMDczMS00ZWY2LWE1ZjUtODBkNDk1ZTU4MTU4&google_gid=CAESEA_iLjPBcaAH3AY3moMNSDo&google_cver=1&google_push=Aa02lx99_XDEl2kBAmpg64zwZnPkcyRYjtymgIIIaQ9UOIedFMXDJV1thg96ynD4XHIu0FpO_fwGxzdcJ3IAvlYnv1d0Xs8VoaCYZA
date: Thu, 02 Mar 2023 09:17:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELZLjo8d3su0MNiVkSwvQ5A&google_cver=1&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTe...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTeUJ-MChQ&google_hm=eS1La1pYbkt0RTJwSFho...

170 B
188 B

35ms
29ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTeUJ-MChQ&google_hm=eS1La1pYbkt0RTJwSFhoRTFnU1Nyd1FhTDJWMDQwNHFtVn5B

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:17:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8DbcNrCD2rq53lUz0hwwAKcaF-0gaaN-4BtzAULdJtpREhtctaZd0VKoXY-WSs8OIDz8On6zbLXQVhC8jH6tgTZTeUJ-MChQ&google_hm=eS1La1pYbkt0RTJwSFhoRTFnU1Nyd1FhTDJWMDQwNHFtVn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FD
Redirect Chain

https://a.clickcertain.com/px/img/g/?google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ...
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=9b248308-7394-44b6-b0a6-f3774318ad7a&ccid=9b248308-7394-44b6-b0a6-f3774318ad7a&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_...
https://a.clickcertain.com/px/li/?redir=https%3a%2f%2fsecure%2eadnxs%2ecom%2fgetuidu%3fhttps%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fg%2f%3fdone%3dtrue%26google_gid%3dCAESEP_cGcx0gezIvS5yQoRPMM...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQN...
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fg%2F%3Fdone%3Dtrue%26google_gid%3DCAESEP_cGcx0gezIvS5yQoRPMMM%26google_cver%3D1%26google_push%3DAa02lx_pQ5...
https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEP_cGcx0gezIvS5yQoRPMMM&google_cver=1&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&google_hm=OWIyNDgzMDgtN...

170 B
188 B

29ms
28ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&google_hm=OWIyNDgzMDgtNzM5NC00NGI2LWIwYTYtZjM3NzQzMThhZDdh

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Mar 2023 09:17:36 GMT
x-frontend: cc-nginx-6577cf75bd-8gtnj:cc-nginx-6577cf75bd-8gtnj
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 3fe0f997-699d-492d-b057-a2daa7158249
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOljRmP%2BnC7fb5uT9iMSTHWGKgQArgUJXc1Pizuoo%2FHkOOl1OOR7rBhsvotfXKhBSLz4T7gME3AfYcv087g5DaDO4RL6sPnRJr93s4lQ1BOQKwNE6fJsoqFev%2F07DxgKowjDgTnd%2B7UyusR6sNyw9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aa02lx_pQ57L6DK8lloBCTME97HWt1X_Zx30Hc69qEbAYIXW7ZQNF-tF-2c6UV70M5Uu1cFc-C8i2cl6rcxKr9iS5AzWCSZ11qWfkg&google_hm=OWIyNDgzMDgtNzM5NC00NGI2LWIwYTYtZjM3NzQzMThhZDdh
cf-ray: 7a188c3029cbc425-EWR

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcN_EgkeKFsuGWR2j7V3Rs&google_cver=1&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRVzhDSTQtRy1EM0NY&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7S6dprDYUx-zh4B0usMZlDqbOlag

170 B
188 B

28ms
28ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRVzhDSTQtRy1EM0NY&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7S6dprDYUx-zh4B0usMZlDqbOlag

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRVzhDSTQtRy1EM0NY&google_push=Aa02lx9XGKbIehmjRPfn9rdVWqwLiH74Bdwr742R59_lpI44ktnqA7G2lFcfRPfXjpoxlFrkCU7S6dprDYUx-zh4B0usMZlDqbOlag
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 21FD
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESECHYnJxhUYozj40pkwxXCGA&google_cver=1&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=SahgriqEAUap7ADb8-u15g&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3J3TlcxkYz4...

170 B
188 B

30ms
27ms

Image
image/png

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=SahgriqEAUap7ADb8-u15g&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3J3TlcxkYz4hRcKzE

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=SahgriqEAUap7ADb8-u15g&google_push=Aa02lx8ca4NtIYXB-uONC9F2gHA3XcpE-kJQ9S1Od-4VtYOxJOgfGX7IVoi8fc9zcLnkrda3sybDEkUzzgmESY3J3TlcxkYz4hRcKzE
Date: Thu, 02 Mar 2023 09:17:36 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 21FD
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOSV4uGxBXq9bLorspl_QIg&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzgwNTkyNDUtNjhmNS00NmExLWIwOTUtZmRjNjUzMDY5NmU0&google_push=Aa02lx888iD6Libi97QkGv7XIsPjzLKpoqAev_Ih2IMGZvmyj5_r4kRYl0BGI_2o2yFBE...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

17ms
11ms

Image
image/gif

23.205.56.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.205.56.163 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-56-163.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 09:17:36 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 21FD 0
49 B 58ms
22ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEwXbV50asu9UyK0IflEE677ePsGjnY2WUvDjW05w8K9NxBat2fsiBudjTWE2kexlr8pX9ohg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 rtimp
g.bidbrain.app/ Frame 3060 0
20 B 56ms
38ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11f1862a-b8db-11ed-a7e6-7ae30d27cd07&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=load&p=ZABprwAIh1UH4-VtAAtHD9gxTpjK3cGYZlDVsQ&r=344237772&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET process
share.pluso.ru/ 0
0

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

43 B
528 B

118ms
118ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:17:36 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 01 Mar 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 09:17:36 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 01 Mar 2022 21:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 50ms
27ms XHR
application/json 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6a092ff10ae4e790757afce8e03dd4780b42a91f0d7bd3be00fda780c02d826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11301
x-xss-protection: 0

GET 06.png
share.pluso.ru/img/pluso-like/square/medium/ 0
0

GET plus.png
share.pluso.ru/img/ 0
0

GET kb.js
kitbit.net/ 0
0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame D766 0
0 45ms
36ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.6884894099120002
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 11CC 0
0 46ms
38ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.45580367914170083
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 3060 0
0 44ms
37ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.1103270623776269
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_fy2021.js?bust=31072569

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 09:17:36 GMT

POST
H3 204 rtimp
g.bidbrain.app/ Frame D766 0
20 B 38ms
36ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11edac76-b8db-11ed-b7d5-52134f4f9444&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=ev_prf&p=ZABprwAIf5gAsw2SAArRtY6N8zABpOifptL8uw&r=877232167&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%2293.20%22%2C%22194.90%22%2C%2276.80%22%2C%2249.10%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W2u6DJq6Gl&p=https%3A//sci-hub.hkvisa.net&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 3060 0
0 33ms
31ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.167770811979004
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 11CC 0
20 B 36ms
35ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11f2ee61-b8db-11ed-b7d5-52134f4f9444&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=ev_prf&p=ZABprwAIfQ8JlMyDAA2sDVUZLQ_4r1FRU-8oww&r=742710973&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22192.70%22%2C%2263.30%22%2C%2276.80%22%2C%2250.90%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1140&idt=-M&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=J3t5mniz4t&p=https%3A//sci-hub.hkvisa.net&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E31 13 KB
5 KB 12ms
10ms Document
text/html 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 64719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 15:18:57 GMT
expires: Thu, 29 Feb 2024 15:18:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C1A8 783 B
536 B 28ms
27ms Document
text/html 2607:f8b0:4004:c08::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1aaf78fcfed03884b5a2ff929cb9bc0af2968546e60a1b0de54ff48417bf8e3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zGiqiAbN7ZKL2WMTxIhChA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-zGiqiAbN7ZKL2WMTxIhChA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 09:17:36 GMT
expires: Thu, 02 Mar 2023 09:17:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 rtimp
g.bidbrain.app/ Frame 3060 0
18 B 37ms
34ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=11f1862a-b8db-11ed-a7e6-7ae30d27cd07&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_start_sec3&gid=CAESEA03aNhFrt5ggEB4UW0B_BM&a=ev_prf&p=ZABprwAIh1UH4-VtAAtHD9gxTpjK3cGYZlDVsQ&r=344237772&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%2249.80%22%2C%2276.60%22%2C%2247.70%22%2C%2235.10%22%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=2054855986&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1677748655&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677748655437&bpp=1&bdt=1139&idt=0&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfd991655f8bc08a7-220c1a038cde0087%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g&gpic=UID%3D000009c62260535d%3AT%3D1677748654%3ART%3D1677748654%3AS%3DALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7643765922952&frm=20&pv=1&ga_vid=1255034355.1677748655&ga_sid=1677748655&ga_hid=1735843978&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3337&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C42531706%2C31072569%2C31071260&oid=2&psts=AD37Y7ts2wvR2y3fTYtImCh3-Qh_dyw9j8XaM7sAttLABoEQn8yIWgF4c5Ks4lDlw9M8HGfpcDqFwxlNfkJ2Wag&pvsid=3142876090540063&tmod=1350366380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=YzZGrVECcC&p=https%3A//sci-hub.hkvisa.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E31 36 KB
14 KB 12ms
11ms Script
text/javascript 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QgTZnvWYncyBbJYBpDMbCbR8MV8sYHPEFXGodYZ8fLU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14167
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 18:32:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C1A8 0
0 25ms
25ms Image
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=3142876090540063&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E31 0
10 B 10ms
9ms Image
text/plain 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NiwS2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:17:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8995 42 B
64 B 29ms
29ms Fetch
image/gif 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswGuh_j854zCAsXLD_Abcu3m-IHyvJBouW-Ct7OJFCjAkfjOs0OViNF3jh-OhTQnvSp1mqvhBKwvM-XDQJr9eNcSdM-usX9aGpl3DTiBp-Y_zCg1njGy7QKLmepxNbnlCKIpw&sai=AMfl-YTNsZvbQrppUjP7ngn2cgvZQ5k65qNMnp644AdKMHHd7bee99oygx5LTwxvPHPwx7RfdDNdUrl2-bes&sig=Cg0ArKJSzGkh6zu7GjtqEAE&cid=CAQSGwDUE5ymFbXNGsaie2ntxLqsS48BDmGWi7MhlhgB&id=lidar2&mcvt=1001&p=0,0,500,180&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677748655491&rpt=238&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 09:17:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 27ms
27ms Image
text/html 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=3142876090540063&bg=!OTqlOm7NAAbv3-2Ez987ADkAdvg8WoEra6gjlHgI6Si9mzMeeVwZknSTsJC-lykF15d64U0W4Rd-pdgAkkk94WQr3YbuVY47P8ACAAAAp1IAAAADaAEHmQKrPqiJmvSMSCWb68qBL49R3O72-szKlYmiaZmCI6E6T-VBDGkFzSrlyWDVqNIqd8sN8dNCrqcLX200upyJ8x0dcdUHtUPij5lHSUc0c8yG7I3StT3Mp55g3nFQ_tUhew22f_6C3zyep3lp4tJZe_7GZrWwAkWXZIZ9vTRBGUv6TEkevXxi-4wMT4irfgVh2-12QtSaKH8IfbT4NtrPgKMqNk7CND59CTHEvfoX4WN1Dj_PGg0OY29IN9_x9_WQp4Kt2N_HUcAZky234k67uDvpRCrIDs8myNdntyYzowQFFjJ09yhP0JRSZ0Sa7GCeumr993gVHyqlcsB6M7-D1bZn5VsYwJrn8fCqh2BkXqkvMpNFfN9itkgXyUydhp6VTReSK-W1muzWohG6DUvaJOA1p4P8SkqpAQn_BFLybaO-4hgARt8bUbqgCTXCdIy4FgVioY_5pVlE46rfBsZSQXp-QM1xKbErklePAv5wrCc1LOHBrQbXcYfQf3v-GR7BjdqEQ15zIGknnnR8rxa8zQd6FffOrti-95CBJXtP8ePvA4my-tPryHsXGgYK7-eEokLu-yOe_hyzOk7_eRHEfynNKDQf5Rlqjg6OuM9PbqU6fdzsb_ZlEnQCx1S3OAo0u3XsalxenQPcGVJrxUNi1Yh7G1xbQ75giUNbsfsy0C2lB5tNGAFABqsqw-EokBbpML86GlW_V5FpFSAdNxb9tkfbdUVh5bZFHuaAWWIKk3DiN-tyove-HAzGmRmvXM-XaTfqlqFegiMznI0A9yx5wKUZ1CyORwRkk_rrp_wBcykqjL_XH3xAv3Z4V3sXgHdkLmprokHg7T6TvxUZRJfRkvcFPQ5a_qrJ4OamsASiyl8BmWvqQK007ZtUaTgDG7bbhQv-jG0hK1cWfGWSlaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.sci-hub.shop
URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Domain: share.pluso.ru
URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=rKvhppZCNMJJhQc4&first=1

Domain: share.pluso.ru
URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=TBRxsZinROQJLsfP

Domain: share.pluso.ru
URL: https://share.pluso.ru/img/pluso-like/square/medium/06.png

Domain: share.pluso.ru
URL: https://share.pluso.ru/img/plus.png

Domain: kitbit.net
URL: https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 10:45:40	Name: _li_ss Value: CgA
.hkvisa.net/	1970-01-20 19:24:04	Name: __gads Value: ID=fd991655f8bc08a7-220c1a038cde0087:T=1677748654:RT=1677748654:S=ALNI_MYyJueR9UW-zMxmO35AeHe6ZEXc3g
.hkvisa.net/	1970-01-20 19:24:04	Name: __gpi Value: UID=000009c62260535d:T=1677748654:RT=1677748654:S=ALNI_MbxoC0_Ucah8fo9R2rZsv_2m2Bojg
.doubleclick.net/	1970-01-20 19:38:28	Name: IDE Value: AHWqTUkz0YSlJ2KpR3wHYEfPDtbEVmwQ7AwCFUigFXQTjKNunrPf-cdQgzbejHc8u7I
.doubleclick.net/	1970-01-20 10:02:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 10:02:29	Name: test_cookie Value: CheckForPermission
.bidbrain.app/	1970-01-20 19:38:28	Name: uid_cross Value: 120d3b86-b8db-11ed-a0cf-7a785ea2ca22
.rtbrain.app/	1970-01-20 19:38:28	Name: uid_cross Value: 1210e2b8-b8db-11ed-a5e3-8210c8c93894
.rtbrain.app/	1970-01-20 10:02:35	Name: sid_cross Value: 11ef980a-b8db-11ed-8c1b-9a1e25263f45
.adingo.jp/	1970-01-20 10:45:40	Name: ID Value: 818cff40a82bde0c95bcac1e30ccc49b
.pubmatic.com/	1970-01-20 10:03:55	Name: KTPCACOOKIE Value: YES
.adsrvr.org/	1970-01-20 18:49:31	Name: TDID Value: 09866cca-e80b-4567-a651-abdeea4f522a
.pubmatic.com/	1970-01-20 18:48:04	Name: KADUSERCOOKIE Value: BF3B3F8E-BD2B-4CFF-B933-1E76719A7C91
.adsrvr.org/	1970-01-20 18:49:31	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI_p7B7Z_CzTsQBRgFIAEoAjILCLiat5q2ws07EAU4AQ..
.agkn.com/	1970-01-20 18:48:04	Name: ab Value: 0001%3A6mbS94LSQLJ4UwqWqDKk03l97kLyiQUS
.agkn.com/	1970-01-20 18:48:04	Name: u Value: C\|0CEArkyYwK5MmMAAAAAAAAQ13AQCAAQpAAAAAAA
.mxptint.net/	1970-01-20 19:38:28	Name: mxpim Value: R1B331_FEE4663C_11335B5.1.640069B0
.linkedin.com/	1970-01-20 18:48:04	Name: bcookie Value: "v=2&6504d91b-7c93-44df-873a-9bb6c29f3d6d"
.linkedin.com/	1970-01-20 10:03:55	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3011:u=1:x=1:i=1677748656:t=1677835056:v=2:sig=AQGtNGh912HLM1sKGw3kYhZ0CDGhaKeM"
.adentifi.com/	1970-01-20 19:38:28	Name: adtheorent[cuid] Value: cuid_1261c7a0-b8db-11ed-95d8-121a6d1d7927
fksnk.com/	1970-01-20 10:12:33	Name: AWSALBCORS Value: +KgyN3jZMI7hYUwixOAZc+XzDKiFy1cQ0wUa8H7dkdNTkD7061Ot6vzCjr8Mw1oJQqQ9sEESmSUzg/kIWHEC2hPBHusKueIwr3J6j4LFD2nWhvz/3G7R0an6kmmw
.fksnk.com/	1970-01-20 12:12:04	Name: f_001 Value: 010C987900AC1455
.fksnk.com/	1970-01-20 10:03:55	Name: g_001 Value: 1
.travelaudience.com/	1970-01-20 19:34:09	Name: _tracker Value: %7B%22UUID%22%3A%22F1EC0663-D85B-42F5-8D4A-6DDC6DE86045%22%7D
.bidswitch.net/	1970-01-20 18:48:04	Name: tuuid Value: 4f17b55b-67e1-4411-8eb7-ff4ebd7bc6ac
.bidswitch.net/	1970-01-20 18:48:04	Name: c Value: 1677748656
.bidswitch.net/	1970-01-20 18:48:04	Name: tuuid_lu Value: 1677748656
beacon.lynx.cognitivlabs.com/	1970-01-20 18:49:31	Name: UID Value: ae60a849-842a-4601-a9ec-00dbf3ebb5e6
beacon.lynx.cognitivlabs.com/	1970-01-20 18:49:31	Name: ss Value: CaJpCnywi1JTPSkbC90FXw%2Fm8FIbZ%2BtkOx09XSF40r5tkcvpPFd8b4pn2v0vIRdbW8fvKzFyhgNcvDSvb%2FsErg%3D%3D
.teads.tv/	1970-01-20 18:46:38	Name: tt_viewer Value: 78059245-68f5-46a1-b095-fdc6530696e4
.yahoo.com/	1970-01-20 18:48:26	Name: A3 Value: d=AQABBLBpAGQCEHt6aUKk1Wa3HLx4cYVRiAsFEgEBAQG7AWQKZAAAAAAA_eMAAA&S=AQAAAnHR5zZnXt9NiSw1xKosJfw
.adkernel.com/	1970-01-20 10:45:40	Name: ADKUID Value: A1210261728506740645
.bidswitch.net/	1970-01-20 10:02:28	Name: google_push Value: Aa02lx_16dj-rdLOosTsghGW3Fo981z8aM6lIXA6XF0uIZwBenKUANl4VN6wx1Jxn1lLVUwFLJ1o_BynM4m0JPyTHWuXutl5zUaLzQ
.mediago.io/	1970-01-20 18:48:04	Name: __mguid_ Value: 5fa1259d42c343d3415ec014c51078f4
.e-volution.ai/	1970-01-20 10:22:38	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 10:45:40	Name: ADKUID Value: A1210261728506740645
a.clickcertain.com/	1970-01-20 18:48:04	Name: _ccpx_u Value: 9b248308%2d7394%2d44b6%2db0a6%2df3774318ad7a
.inmobi.com/	1970-01-20 12:12:04	Name: idsp_c Value: 9a599f31-0731-4ef6-a5f5-80d495e58158
.bidbrain.app/	1970-01-20 10:02:35	Name: sid_cross Value: 11f2ee61-b8db-11ed-b7d5-52134f4f9444
.tribalfusion.com/	1970-01-20 12:12:04	Name: ANON_ID Value: arnseFNZaiMjAmemFmDgpdw5QrMo6PpFJ0c1EfF9SZccywQu3STK5UtLj4od0LLwRElFAyej1ZaIMXBFTheBGRN
.dotomi.com/	1970-01-20 10:02:28	Name: DotomiTest Value: 6f60f7c74a531870
.liadm.com/	1970-01-20 19:38:28	Name: lidid Value: 1f2d94ba-f9e4-4d7e-9c79-531bf2bd3a65
.dyntrk.com/	1970-01-20 18:48:04	Name: dyn_u Value: 05010002_640069b5923f5
.adnxs.com/	1970-01-20 12:12:04	Name: uuid2 Value: 2582813490691789145
.w55c.net/	1970-01-20 19:34:09	Name: wfivefivec Value: Sl3MURJ41PxF4c5
.yadro.ru/	1970-01-20 18:47:20	Name: FTID Value: 1a06cm1-AoeW1a06cm0026gT
.w55c.net/	1970-01-20 10:45:40	Name: matchgoogle Value: 5
.yadro.ru/	1970-01-20 18:47:20	Name: VID Value: 1nHjg805I6OW1a06cm002SLu

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://sci-hub.hkvisa.net/ Message: Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.hkvisa.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-4788083219224278&fa=4&ifi=9&uci=a!9&btvi=6&xpc=GzeYQPoew2&p=https%3A//sci-hub.hkvisa.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
aep.mxptint.net
beacon.lynx.cognitivlabs.com
c.eu1.dyntrk.com
cc.adingo.jp
cm.g.doubleclick.net
counter.yadro.ru
d.agkn.com
dclk-match.dotomi.com
dsp.adkernel.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
g.rtbrain.app
googleads.g.doubleclick.net
i.liadm.com
image6.pubmatic.com
img.sci-hub.shop
kitbit.net
m.nih.gov.scihubtw.tw
match.adsrvr.org
mweb.ck.inmobi.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb.adentifi.com
rtb2-useast.e-volution.ai
s.tribalfusion.com
sci-hub.hkvisa.net
secure.adnxs.com
share.pluso.ru
sync.teads.tv
tpc.googlesyndication.com
trace.mediago.io
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
img.sci-hub.shop
kitbit.net
share.pluso.ru
104.45.178.220
135.125.160.160
168.235.94.171
172.253.115.156
174.137.133.49
23.205.56.163
2600:1f18:4e9:5a05:b47c:f275:7921:ffb0
2600:9000:23ca:7800:19:fc2c:a140:93a1
2606:4700:20::681a:932
2606:4700:3033::ac43:a162
2606:4700:3033::ac43:aa45
2606:4700::6812:19ad
2606:ae80:1451:14::1050
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::68
2607:f8b0:4004:c08::84
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:820::2002
2620:1ec:21::14
3.235.208.25
34.102.128.115
35.168.146.43
35.172.37.30
35.190.0.66
35.208.249.213
35.211.178.172
4.78.226.224
52.223.40.198
52.55.14.74
52.87.130.203
54.184.34.130
68.67.179.166
69.173.151.100
8.28.7.81
88.212.201.204
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
0af524f2a665c75da94eb362f6d487be2583a3f527d9ff828360040dfc338ace
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e36d0d0662ff83906b59c84aef4120d07dd52bbfb289b3e72b69de03168100a
0ea891fc663d2f579465eb049cd12b9582079f0358c98c5ccd4980ab3283e860
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aaf78fcfed03884b5a2ff929cb9bc0af2968546e60a1b0de54ff48417bf8e3f
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672
41319636de97a7cc96c92a6f7e4b29713a5524bea39fc9cab76c2f2eece52974
42010ba524f3ea737e3d41bb92a10c105625b4fb795dd519e0f67bfbc1903bcc
4204d99ef5989dcc816c9601a4331b09b47c315f2c6073c41571a875867c7cb5
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46989820a9b0643099415ba7b00bd0e2e48ba06142c0b5ab3035818c2b303e0f
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
4aca17d412ade9f9a72a3d2d27f097a98af97daf83eb211af87c60b444178690
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
52bca6a61b3c34bf260314f881b596c9c9719324c4007c532d0bc9c3aa3c1035
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67775c51680c9a79083e38f7785bc8cef5099b4241b702204385bf01bb0b249c
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
7b7ed369c9ae686938e7c88b6252eafd6650c76c61e0f749c95d4c8687b35cce
7d2a985f6246d4d158a58fe3fc22f8c0e237b4c2bb13edd22bcaf645c515c52f
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
8131a513a9dc091336c2f1a626bf83f14e67d380ff422202aec3ed8350e966bc
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
960033a80d3119d5348c4e3435d34e69b841dff64ea518c2de3a5842cc6fe846
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b73a9de1f94520a870f9e2f51c8008c1fb28e8cac0a341a52f6e538de9d8e14c
b88d09b92bd97c459d5caa94206e524df883c058507a57efe65cce88f0ecf8d6
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
bb08b68fa1b31eefdd289a2378210a4172d68a963da56f2e3f79b2529dc147c9
bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c358d20ff4b968e538fb50ea5ea7e9833d8c3843b0aa95926a623a8fec2e72a5
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d18579ef0b6d5a05ee88a9a11ed2b33c9091757e45c0c8db34f3c337efaca37c
d7f7043273a3d76ce583d8e654a3c64d8ff006515e7273cb8d44b605e29d67b1
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6a092ff10ae4e790757afce8e03dd4780b42a91f0d7bd3be00fda780c02d826
e75db49898e745334db21dfb96d74176a8e9b9bdc9acdd23dca4548e96fc7be4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41d261d10c0b3ea94ca91dd42bb247fa018be1f3997a8f2cda069668c75c51b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

sci-hub.hkvisa.net Open in urlscan Pro 2606:4700:3033::ac43:aa45 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

80 %HTTPS

42 %IPv6

40 Domains

45 Subdomains

17 IPs

3 Countries

1587 kBTransfer

3659 kBSize

48 Cookies

4 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sci-hub.hkvisa.net Open in urlscan Pro
2606:4700:3033::ac43:aa45 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

80 %
HTTPS

42 %
IPv6

40
Domains

45
Subdomains

17
IPs

3
Countries

1587 kB
Transfer

3659 kB
Size

48
Cookies

173 HTTP transactions
6 data transactions