sci-hub.hkvisa.net Open in urlscan Pro
2606:4700:3034::6815:3f4b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://agupubs.onlinelibrary.wiley.com.scihubtw.tw/
Effective URL:
https://sci-hub.hkvisa.net/
Submission: On July 13 via api (July 13th 2022, 5:15:53 pm UTC) from US — Scanned from US

Summary HTTP 144 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 25 domains to perform 144 HTTP transactions. The main IP is 2606:4700:3034::6815:3f4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.hkvisa.net. The Cisco Umbrella rank of the primary domain is 429394.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 11th 2022. Valid for: a year.

This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	168.235.94.171 168.235.94.171	3842 (RAMNODE) (RAMNODE)
1	2606:4700:303... 2606:4700:3034::6815:3f4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3033::ac43:a162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
9	34.102.128.115 34.102.128.115	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1 1	3.232.145.71 3.232.145.71	14618 (AMAZON-AES) (AMAZON-AES)
19	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:21d... 2600:9000:21da:2c00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 3	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
3 3	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	18.234.4.63 18.234.4.63	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	31.131.252.90 31.131.252.90	49505 (SELECTEL) (SELECTEL)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
144	20

1 168.235.94.171 (United States) 1 redirects

ASN3842 (RAMNODE, US)
PTR: 168-235-94-171.cloud.ramnode.com

agupubs.onlinelibrary.wiley.com.scihubtw.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3f4b (United States)

ASN13335 (CLOUDFLARENET, US)

sci-hub.hkvisa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81d::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:817::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2002 (New York, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:820::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80b::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.102.128.115 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 115.128.102.34.bc.googleusercontent.com

g.rtbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:809::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81e::2004 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.145.71 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-145-71.compute-1.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:2c00:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.90.30 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.151.100 (United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.234.4.63 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-4-63.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.131.252.90 (Russian Federation)

ASN49505 (SELECTEL, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 223	143 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	341 KB
21	sci-hub.shop img.sci-hub.shop — Cisco Umbrella Rank: 352896	583 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	169 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	7 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	1 KB
6	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 35638	56 B
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	254 KB
4	pluso.ru share.pluso.ru — Cisco Umbrella Rank: 149978	27 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505	4 KB
4	openx.net 4 redirects rtb.openx.net — Cisco Umbrella Rank: 1906	959 B
3	adingo.jp 3 redirects cc.adingo.jp — Cisco Umbrella Rank: 3461	1 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 372	1 KB
3	mookie1.com 3 redirects odr.mookie1.com — Cisco Umbrella Rank: 1052	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 667	634 B
3	rtbrain.app g.rtbrain.app — Cisco Umbrella Rank: 12236	38 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8351	1 KB
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 684	207 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1205	926 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 603	699 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3451	375 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	696 B
1	hkvisa.net sci-hub.hkvisa.net — Cisco Umbrella Rank: 429394	7 KB
1	scihubtw.tw 1 redirects agupubs.onlinelibrary.wiley.com.scihubtw.tw	195 B
0	kitbit.net Failed kitbit.net Failed
144	25

	Domain	Requested by
21	img.sci-hub.shop	sci-hub.hkvisa.net
19	cm.g.doubleclick.net	sci-hub.hkvisa.net googleads.g.doubleclick.net
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	sci-hub.hkvisa.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	fonts.googleapis.com	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
6	g.bidbrain.app	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	share.pluso.ru	img.sci-hub.shop
4	ssum-sec.casalemedia.com	4 redirects
4	rtb.openx.net	4 redirects
3	cc.adingo.jp	3 redirects
3	pixel.rubiconproject.com	3 redirects
3	odr.mookie1.com	3 redirects
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	g.rtbrain.app	googleads.g.doubleclick.net sci-hub.hkvisa.net
2	counter.yadro.ru	1 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hub.hkvisa.net
1	agupubs.onlinelibrary.wiley.com.scihubtw.tw	1 redirects
0	kitbit.net Failed	img.sci-hub.shop
144	29

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
hkvisa.net Cloudflare Inc ECC CA-3	`2022-03-11` - `2023-03-10`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
g.rtbrain.app GTS CA 1D4	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
g.bidbrain.app GTS CA 1D4	`2022-06-13` - `2022-09-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.pluso.ru R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://sci-hub.hkvisa.net/
Frame ID: 6517F49641A54312FED713056B98A915
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: 33EAB1E622199C12D221CB627C695C7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1657732545&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545035&bpp=14&bdt=1080&idt=141&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=7213047387705&frm=20&pv=2&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aCCsB7p8UF&p=https%3A//sci-hub.hkvisa.net&dtd=170
Frame ID: E5C7D4F3767C3FBBF2C2C4AB2D57F20C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545049&bpp=3&bdt=1094&idt=192&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cKIOHpyyyO&p=https%3A//sci-hub.hkvisa.net&dtd=199
Frame ID: 4FA25F1F376D47DB944F8CD5B7E7A579
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1657732545&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545076&bpp=1&bdt=1121&idt=180&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=194
Frame ID: 8BA88D1C52DC0720857ED611789F9495
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34
Frame ID: 7284C6E25C8F50640A2D0445E7CA71A3
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=1&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=N1vSnI5eIb&p=https%3A//sci-hub.hkvisa.net&dtd=40
Frame ID: 54E45E7FDE6F906A31B4D2049F31D2C1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46
Frame ID: 98F7680292D33653563DED7913239336
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1440028034&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=x3gxbIRKaA&p=https%3A//sci-hub.hkvisa.net&dtd=52
Frame ID: CB9E3C4380F66089241C9774B594924F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5F2476E5831C9362551530DE9E6F9BDC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F9D4BA03626BEBC6BAD520ECCDBE9CE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8A3798D3979D2F77ABDE15FBA07BB73
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 23CAA86EA614041A2FA279A5EFB74EE5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 098ACD23276368878375FA24EAA416EC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js
Frame ID: 5BAE881AC4A12CA6879B8F6FF6376397
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8AECB67CA1DD856D542EACB3BB28879
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E691575920B5F96837FBE1FC4878BB3E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sci-Hub

Page URL History Show full URLs

http://agupubs.onlinelibrary.wiley.com.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

144
Requests

84 %
HTTPS

52 %
IPv6

25
Domains

29
Subdomains

20
IPs

3
Countries

1535 kB
Transfer

3387 kB
Size

25
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://agupubs.onlinelibrary.wiley.com.scihubtw.tw/ HTTP 301
https://sci-hub.hkvisa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4BXZ9bthce8V-CX8T13ICCbwVeFt4pTvfBIoUBhh8pqV9jT8K-a8XuiTNRCK4rqPel27sDeARkkKVqF82Vx5KplDzB3MSE&google_gid=CAESEP1cUs133IPTrrSuiBfUXbE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM3OXdnQUFBVUN3dVZXdQ&google_push=AehlK4BXZ9bthce8V-CX8T13ICCbwVeFt4pTvfBIoUBhh8pqV9jT8K-a8XuiTNRCK4rqPel27sDeARkkKVqF82Vx5KplDzB3MSE

Request Chain 93

https://d.agkn.com/pixel/2175/?google_gid=CAESEGWPpmC3hNI4jhIS28SNvvo&google_cver=1&google_push=AehlK4AL7BklulXFfbNU-XLSgpC1y1vNMqYnERBXcJzNTlxGD2XiS7XnFL86HLjz4sDTS34CyBihB6YSiJv11NYfd5F7RZIEn3o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AL7BklulXFfbNU-XLSgpC1y1vNMqYnERBXcJzNTlxGD2XiS7XnFL86HLjz4sDTS34CyBihB6YSiJv11NYfd5F7RZIEn3o&google_hm=Q0FFU0VHV1BwbUMzaE5JNGpoSVMyOFNOdnZv

Request Chain 94

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4B1UPQCr1sBTdj66jJ1iwFysBFkcfrSVwhMiv8NhugCRahDg2do_at_c9tr04lSCPwACzIGBdQv3mEtn1DpyQLb9bpEiA&google_gid=CAESEHm1BtPrS1K_s5xJp7w1aaA&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCML7u5YGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BZWhsSzRCMVVQUUNyMXNCVGRqNjZqSjFpd0Z5c0JGa2NmclNWd2hNaXY4Tmh1Z0NSYWhEZzJkb19hdF9jOXRyMDRsU0NQd0FDeklHQmRRdjNtRXRuMURweVFMYjlicEVpQQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSDdudlpBbW01TXhnVlk5b1JWNUlHLUJwclhXY1FWTTVJSGhNcThsTVhTSQ==&google_push

Request Chain 95

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMCxsMqG3jxgvy-UyrwshzU&google_push=AehlK4AmRT-RCP3RL449Vp_SXfgrOjz6_ElTVWfT2Jb1WU2UC-LDCDcvg8cktZuvJHxKeGxLoWbQLJAp8eLnlQfjhD0OCaYVzPc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4AmRT-RCP3RL449Vp_SXfgrOjz6_ElTVWfT2Jb1WU2UC-LDCDcvg8cktZuvJHxKeGxLoWbQLJAp8eLnlQfjhD0OCaYVzPc&google_hm=MTA1OTg1ODg0MDczNzYyMjM2NTM

Request Chain 96

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESENH_ALD7CiCQX6jcCC3KnuM&google_cver=1&google_push=AehlK4DPeb_UnCHknHPqbkvUFWWmMDYLrpEmntZap7XKgPcbI0-DIuDwlUKn1E5_dlAcDX0V0onUFMywINzaGYJsmJPTSzkvIbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DPeb_UnCHknHPqbkvUFWWmMDYLrpEmntZap7XKgPcbI0-DIuDwlUKn1E5_dlAcDX0V0onUFMywINzaGYJsmJPTSzkvIbQ&google_hm=MTA1OTQ4NTg4NjQ4ODM0MzEzMjM

Request Chain 97

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4nmvhC26HSxty4DbuZ65o&google_cver=1&google_push=AehlK4CdEg5VoDvQy-QviUUgtVsNKkeRmdodVZaKUJilLt59TwsniNfO3E_3o45MXBHW4K0wqSFABne3n5zealjQFvR41AV1jtY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOSEgtUS1GQzVS&google_push=AehlK4CdEg5VoDvQy-QviUUgtVsNKkeRmdodVZaKUJilLt59TwsniNfO3E_3o45MXBHW4K0wqSFABne3n5zealjQFvR41AV1jtY

Request Chain 98

https://cc.adingo.jp/adx/push/?google_gid=CAESELWxiwI1gsjXU5mdmzTOtNs&google_cver=1&google_push=AehlK4A776QzAQNwsV-j1UfBS5G8MTBf3EFaF6c27nzYq01MR4rqfS_HZb3wyABdYxmTOIUOSh39HYrmcZ_8fXqoyiapNW5CZUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4A776QzAQNwsV-j1UfBS5G8MTBf3EFaF6c27nzYq01MR4rqfS_HZb3wyABdYxmTOIUOSh39HYrmcZ_8fXqoyiapNW5CZUg&google_hm=fad1f5e7cf5c752329a399a5d38ded02

Request Chain 115

https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm&google_hm=n_hoojbDzb8M6ogtyhU4wg==

Request Chain 117

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4nmvhC26HSxty4DbuZ65o&google_cver=1&google_push=AehlK4A9rvBEaJDueotLZzHlg8_pz7HKpZYFhcwJMz6bIiL_5iXETlSC7W4xvvb3BukCVZIKMntEP725hp3pvXvpBXWhAKZa7sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOTkItOC02TENF&google_push=AehlK4A9rvBEaJDueotLZzHlg8_pz7HKpZYFhcwJMz6bIiL_5iXETlSC7W4xvvb3BukCVZIKMntEP725hp3pvXvpBXWhAKZa7sg

Request Chain 118

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_cver=1&google_push=AehlK4DcxHMQmVkvJxg0ujcyyqF5-lbHtIgNhEKC4vOoNYukxLd1pxSlRTMyUKXNpRfcidsTrjv1NOEKCh9Jd4-PWbcnFd-d98h_ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_push=AehlK4DcxHMQmVkvJxg0ujcyyqF5-lbHtIgNhEKC4vOoNYukxLd1pxSlRTMyUKXNpRfcidsTrjv1NOEKCh9Jd4-PWbcnFd-d98h_&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79w5g-Ilq5q7if2PICwwAAAd8AAAAB&google_nid=index&google_push=AehlK4DcxHMQmVkvJxg0ujcyyqF5-lbHtIgNhEKC4vOoNYukxLd1pxSlRTMyUKXNpRfcidsTrjv1NOEKCh9Jd4-PWbcnFd-d98h_

Request Chain 119

https://cc.adingo.jp/adx/push/?google_gid=CAESELWxiwI1gsjXU5mdmzTOtNs&google_cver=1&google_push=AehlK4DLx9luoZjBJblOfL0LyL3UTYkwSlmzJRtL7DPRtkNgYGp2iUjAhQPCn8uRmeAtgo_7Byx-u9dPPc2TiTImhP5JWNWRR5Jr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DLx9luoZjBJblOfL0LyL3UTYkwSlmzJRtL7DPRtkNgYGp2iUjAhQPCn8uRmeAtgo_7Byx-u9dPPc2TiTImhP5JWNWRR5Jr&google_hm=fad1f5e7cf5c752329a399a5d38ded02

Request Chain 122

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESENH_ALD7CiCQX6jcCC3KnuM&google_cver=1&google_push=AehlK4BttSzGQaQW3sLpoUrIzSGxMXwSbP-s5bhAV4MvNWDvimtP60yJgvFJ7DMkr8TbAOdL8C5K3PhnupQ8iFv_bHz202_EYjxR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4BttSzGQaQW3sLpoUrIzSGxMXwSbP-s5bhAV4MvNWDvimtP60yJgvFJ7DMkr8TbAOdL8C5K3PhnupQ8iFv_bHz202_EYjxR&google_hm=MTA1OTg1ODg0MDczNzYyMjM2NTM

Request Chain 123

https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9rg HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9rg&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9rg&google_hm=n_hoojbDzb8M6ogtyhU4wg==

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4nmvhC26HSxty4DbuZ65o&google_cver=1&google_push=AehlK4C8x4rNIm8iEWFVNFSgqtOzz3pp4a_jg2o9sY7wC_90JamrjC-ySYlSaktvztrZKRDazu-eEBXTcj2BoSc25ufr34ZZ2Tpmng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOT1MtMUotOERDUQ==&google_push=AehlK4C8x4rNIm8iEWFVNFSgqtOzz3pp4a_jg2o9sY7wC_90JamrjC-ySYlSaktvztrZKRDazu-eEBXTcj2BoSc25ufr34ZZ2Tpmng

Request Chain 126

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_cver=1&google_push=AehlK4D9sIGlzfxEBNheSAadeia7MzVnU4OyLbrKQihUrTwV2cRsOGbHZUwNyKghlTUKJ_q4L-B0TkBAMMvCaEbKGXqfWY8npo1X HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_push=AehlK4D9sIGlzfxEBNheSAadeia7MzVnU4OyLbrKQihUrTwV2cRsOGbHZUwNyKghlTUKJ_q4L-B0TkBAMMvCaEbKGXqfWY8npo1X&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79wxo2zPMnlNCAb_IpRQAAACgAAAIB&google_nid=index&google_push=AehlK4D9sIGlzfxEBNheSAadeia7MzVnU4OyLbrKQihUrTwV2cRsOGbHZUwNyKghlTUKJ_q4L-B0TkBAMMvCaEbKGXqfWY8npo1X

Request Chain 127

https://cc.adingo.jp/adx/push/?google_gid=CAESELWxiwI1gsjXU5mdmzTOtNs&google_cver=1&google_push=AehlK4Amv8UGqS1bkZttQRbnv3AjV06A_kGXT_itMbGKSRKZoSWtn6I1rKqqYamQ4chfvxWGjiyQ3TKzPoP9uJXAo68Q4u9vhQO2sQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Amv8UGqS1bkZttQRbnv3AjV06A_kGXT_itMbGKSRKZoSWtn6I1rKqqYamQ4chfvxWGjiyQ3TKzPoP9uJXAo68Q4u9vhQO2sQ&google_hm=fad1f5e7cf5c752329a399a5d38ded02

Request Chain 133

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

144 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sci-hub.hkvisa.net/
Redirect Chain

http://agupubs.onlinelibrary.wiley.com.scihubtw.tw/
https://sci-hub.hkvisa.net/

27 KB
7 KB

590ms
555ms

Document
text/html

2606:4700:3034::6815:3f4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3f4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42010ba524f3ea737e3d41bb92a10c105625b4fb795dd519e0f67bfbc1903bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=43200 no-cache
cf-cache-status: DYNAMIC
cf-ray: 72a3a98c3d778c8a-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Jul 2022 17:15:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 14 Jul 2022 05:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IP1qi6f7ungF1Gsv39UWkZoDLU3dlw3vhcDVb4utGmaq40HqKvtOpv3MEGpZkSvBt664rOKdyqHd7S3ToJLN0K3aZtMItMk6Yos1uK%2BBQ6magUdCylKvaku%2FCgW85OakII4Hn3nG90WUmRvEeq7l61Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-cache: MISS MISS

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 13 Jul 2022 17:15:43 GMT
Location: https://sci-hub.hkvisa.net/
Server: nginx

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 488ms
39ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
server: cloudflare
etag: W/"5c00bb7c-152b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aR3UQTD1IXnhnTlo%2Bw4Cy0MPHPnJQKt380aF6lo%2FehwXBX5HHJZhpiOe1l0NpMs3LPYZ2sT15dtAvGgGMGYOQFl4V9%2Bg5hQfE5PuNtVJO7vSyv%2FA6AwIzHR1%2Bs81CSEujG1kn3fB3zhFTUZ89yBz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 72a3a99298068cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 510ms
62ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
server: cloudflare
etag: W/"5c13665c-3dee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOhVJ8PzMtMLZs%2BXBtlSMByy%2B4XcwKRICIAw1zsfuKQNBbqzGNRMyBc6bhBK50JU%2FtwqQJEi%2BH4wtfm9AVQW3qPy8bKCVjVcKOVE6oxXICLEQcFp86tiqa%2Fy6KcRH6IAOqeWPJxzBWZI2lGcMval"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 72a3a992980b8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
24 KB 485ms
38ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
server: cloudflare
etag: W/"5c00bb8c-1798d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX0S4ou5JJl%2BOJUjni2%2Bj3XcNCJaQYUzOjdzdYcQJWv3JvfmfrXf2uk%2BPnfSdXkHt6nyg1mMOm1gj894CoS%2Bh90q1h4%2FmJ3p2v2pQAw8%2F0fs1%2BHHYWmTt0Lx8eCjiwXHaoeiWI9bFbEmsvM%2Fbjlh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 72a3a992980e8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 29ms
23ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKZICEDEEYhnPwGyZkApCJru3gEUpwiE2UNFVMgWIja4Zi3UFGHn0vjzAqIcpjvuQrtEje0Y7QxFQV1P%2F2WM8XnEm942B9YFyQYfdlxlu3voA02CAoWaD7BbDXK3zDS8bKe1ffJkcSIsM1%2BI0By3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a99309228cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 21ms
20ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVTlmeOciDxFqN8MVrOcrHp9rgWKyJZvwJLnuBCqWnqP%2FLLzGrvx1Hw546KMM4DDzULT0IFtAGVy1bbajMvHBWQzyDBeEieHYhIdjnmRV3yfJtdzYWY8JLUEXAmwJzxRb5GdsAYoeSvTlwrwhH%2FS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993298a8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 173ms
51ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

914fd1ee31d6b2a73d115f71e9501924435de5fc34f784868669ffef53df19af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56495
x-xss-protection: 0
server: cafe
etag: 6852104856861757470
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Jul 2022 17:15:44 GMT

GET
H2 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 40ms
39ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681660
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1wW1oYEDHAIxqwqJicBxF7UJGIQOiIQbKjBLpDIr1V7IglYVKcYKoJioVIow5pHWGuHIAUnDkv09IM5WgA4qukl9WGKbfBS3NVVVomTFCFYruQ86JX3gnYdJAJK4aj7lUNFk%2BOCpeNSIsp1F%2Bfa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993ab1c8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 32ms
28ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0o6aw%2Fvw%2BXQi9P%2BmsSzY1py6gu1Yk%2BzY0qnKZWUjF5Eg%2Bd%2BFdklg%2BZn4Ak8lJRqIDCFihNtTxCqTx2hZFOGHKpK6wHHCeEZZuChUOHKFkFrNUBXVam6IM2Od%2BFEzKgotg1NMgaQ56WCayVL4WSX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993cb998cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 39ms
35ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1537656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgvNq1IqwxXI%2BBZ9MNjhdHsiVjUgfvmGUIm%2FiQWvMZhyzejL3jV48ciOCyjG50Ur%2B4eefjrVxm0YAsDSSPhDHToLwgm77Z8HgICUGC3tpX%2BEH5wql4IbXqHrCPlNMfkht1yUf70CiC4N82jd5HB8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993cb9f8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 23ms
20ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nm%2F13h%2BBsYpx0iRtLv5DVslHTbAbbyVuRDuEJC35PZzz50SH5IlGOLRJH5WNcOF0ybZMdFyfzeM%2B9B5TJJ1DCS1gS0504aCIEe5hr8ZM9U%2BmbvmtLKcCHIfJIB3JhPqloONWuoFAwrRGlcE%2B5m8%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993cba68cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 27ms
24ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3J1O7icM%2FkmtANXlog5g1fWQ11gPIsDftZ8XaDHvVEPagCAU9mWVq5Mv9cgAsMB61lp0pv0k90HmRRvQ7TsuJU%2BITk1MpicUpTpWTi%2FvlhiNOewflAjqt6nsTf0nnLqZ%2FfYKT5i8y1vPb7sK2R6J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993cbab8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
1 KB 34ms
20ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmdBK%2BRmwED13L6W3U1sgWlIrhNnDk32pcHDx9A4Coecl4cicw0hybebY7csS1sg92BqrZRNy5W7IGniaMtpwYUh7QaT%2FQBkU44%2BK7H1NnLbs3Vy0rHnJh4FcLL20KMaAKnI6D%2F8OwkzjcT%2Ftklo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993ebea8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
1 KB 44ms
37ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRmS%2F1i%2BVAmcYQQV%2Foyy9lJzMmbtFSJZ4C6b4fsc4CY851Xk9J6obddMTLNrzIrT8bEeYG24CBgQGIDtdmLTt6%2Byt2TYMyWr8FicLDwBWaaqqwLF1%2FRiQogrhgUybFz5FIsIO%2FwZBGiyTDmP4Bab"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993ebf78cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 35ms
29ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1537656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXE6Uun1jiDS8D7n1Q9Gmt5Pkh7oG3YRjIgIEtshY6CmbzJYT2Uw4aEW%2BhccWsiAE6US6K853yvrznrwPDpGOEjqExi%2BrneQ3ym9tfjS5IZjRh4wpwF22oAyNflHqwlqurvZF2Jf9aXk%2B6JoLj6F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993ebfa8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 33ms
26ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681669
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTA6GeHVsEtokLQm6Fn9fADhtGCuJKw0CNLdJWX%2FinQDkrrQEbz4G53FH6mOHYFRxfENFzyIIORL6XiDCikc1MtbhhXNu7LPwyOwAaOXPvCULcUDHwgt3FHyNdk04jvF8NuTagmehwgd2gvAPpZn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993ebfd8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 36ms
30ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qE1OPYOtzYdAnXNkxYVTiySay%2BGG6kQv3zjz6gMXrG4S4uz9ZdYeVmdKu33s3vPLALcTWOyIuWn0h7f0oXIZDqUmntga72jIidVZEX5a8WhkJ2Kod8k5dBBrZM0pb2wqgpD4Jqz7zAkhhMzkCXc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a993ebff8cda-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 53ms
51ms Image
image/jpeg 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Pv6npxC%2Bf4p7TEUhpPFtaNmLTBwfgA8rIYDAE9TmLWrhPzSlahdbbPowkW0PBcV88qs1SDT2huRVhDi9BxZZgsw4NOZF7c9biykKx%2Bty5lUsi7KXlc8CNk%2BxoPQJnQKq2d1PaA%2B8CHr2mtc%2FCKH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a994bfaf19bf-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 51ms
50ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681669
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1NsjnEPE%2Bg1fOjIeWjZ9G7iAjcHKmyIvqiseTa6fS4aXGOUlLaIj4%2Fo87dn7cSmEmDUD1%2BLrLYI2r3gVz07wM%2FaMmm4smUlhDGIwKCdSwQBbSFibSEoTwCiCxV7Z3cZ41ZGRo86kuvYlt5Iq64g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a994bfb419bf-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 56ms
54ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1537596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4YHCwvHATPVVbUwBV6itiqTOQtlZWlkEqucvFCsEZqFwBJYnetpz7KygDA%2BgwTP8LsgV1ZUvJ2jXxL08VrRAicIZow9qJDzp33y980iBOZY03L6LkX9XYPrdn%2F2HX7qcvC7llmbFp6Lx6lfEv8%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a994bfb619bf-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 37ms
36ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681670
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5EW0qZNccOxwseM%2Fka5vFka7DrlSaiIPQGfn3HLW6MuxDZckEJsYCVTlGhZuoFSndP004lOwWadbTTPD%2F7kg%2BJ8fug0ZlsJAHxmbbcMXuQza%2F2PW2qVosExM%2BLH%2FlFnQSpcxrXWGjdVQ5tsdVRn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a994bfb819bf-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 43ms
42ms Image
image/png 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1681671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL5tBJkWGDbQ9OExjK9AWC0SlklOJLhUn166cAnOjbIwEWmnDTZWtWmyTzOT%2FxGSX32BA7Ul1ds9C340epCVjCTIQDDAGyVipw2LruKtmEgtyqS1wryy5UPgwqKEMJ3p0q1xZJ2C2xLQQT3sWvYF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 72a3a994bfb919bf-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 23ms
22ms Script
application/javascript 2606:4700:3033::ac43:a162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1455123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
server: cloudflare
etag: W/"5c00bef8-a5cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlXh30PR9IWVJdvp6crffn9QGQ9WVgTUb%2BXFJEZMxGR8PO%2B%2FvZFzHFs%2BIhs3pJCDwcKL8EDGK%2FP16nFzqreq0w8G9PXQ3PhISU3OopDEiNzG8FbDj5jg0PAV8ABeNrIhSxabHQxVJA8fmMVWc8bX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 72a3a99558d919bf-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 340 KB
120 KB 52ms
39ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d39af6761e143a08b5c1612f0ee7d3395ad0ee0aa049edea75711f780f69ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122486
x-xss-protection: 0
server: cafe
etag: 13711592345025563404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Jul 2022 17:15:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 33EA 10 KB
5 KB 55ms
5ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 20:31:58 GMT
etag: 10429905676100781186
expires: Tue, 26 Jul 2022 20:31:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
696 B 43ms
23ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3a9dd9c293a3d3ac79dc8c9c67ed48a2a3c1b390b37d6de7926759d3271ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
24ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jul 2022 17:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5C7 84 KB
31 KB 1006ms
982ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1657732545&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545035&bpp=14&bdt=1080&idt=141&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=7213047387705&frm=20&pv=2&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aCCsB7p8UF&p=https%3A//sci-hub.hkvisa.net&dtd=170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf7b1322be2cd54fc5d30dd0cf55c310a21d5cc55030dd34065cc9231c7292c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31415
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:46 GMT
expires: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FA2 56 KB
16 KB 167ms
166ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545049&bpp=3&bdt=1094&idt=192&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cKIOHpyyyO&p=https%3A//sci-hub.hkvisa.net&dtd=199

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6c2fc04c13c6630cfe3ed0df75a34fe3a52299fdfe9703697c968c39196fd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 16771
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:45 GMT
expires: Wed, 13 Jul 2022 17:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 20ms
19ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8BA8 93 KB
23 KB 214ms
213ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1657732545&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545076&bpp=1&bdt=1121&idt=180&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2f64c2d74052e843ecbfb847a65ea4610bcb1eac94b1c04808d5f14e7cd71f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:45 GMT
expires: Wed, 13 Jul 2022 17:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4FA2 4 KB
1 KB 45ms
21ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545049&bpp=3&bdt=1094&idt=192&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cKIOHpyyyO&p=https%3A//sci-hub.hkvisa.net&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:42:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4FA2 1 KB
500 B 45ms
22ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:50:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 4FA2 3 KB
1 KB 28ms
5ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:14:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FA2 138 KB
43 KB 58ms
39ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 17:15:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 4FA2 17 KB
8 KB 27ms
4ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:08:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4FA2 0
0 28ms
27ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTqxawf3OYuWcEY2vsQfohpqgB4u_iK5m8brp9f8OwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OKABzqb-1QLIAQmoAwGqBM8BT9CwNlcx4XrE-kTaa9pTIbeKTPK0dlr9atQHfJoyxiUCgSfnCQsuYP9BRigg_SlCdakpLCHW3aJEl6-GI5N0tNup002no3O3W7wiqU5g7_c2bF47eL-Rng_JDX-UjtRWxoMopuh0zlEx5laz1VqKeIGq4QLxD8cygKqWkw1lplBsoqOCeOQZDW733LdSsN3hIXW-gzGJeImULjBzrsI3ov9r6O5JG4j0-D0YL0nFdUtZQYQW--q1zSILxjMyZx5mxCAcJ1dBrEp1bjmbkDpVgAbKnKfz3KOinwigBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Nzg4MDgzMjE5MjI0Mjc4GAA&sigh=lpWzUYMQaKo&uach_m=[UACH]&cid=CAQSGwCNIrLMTp6iWxqlhgWp2sLAyp1j_ymbnisqlxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545049&bpp=3&bdt=1094&idt=192&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cKIOHpyyyO&p=https%3A//sci-hub.hkvisa.net&dtd=199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Jul 2022 17:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Jul 2022 17:15:45 GMT

GET
H2 204 rtimp
g.rtbrain.app/ Frame 4FA2 0
0 66ms
47ms Fetch 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.rtbrain.app/rtimp?sid=6e7c2c28-02cf-11ed-937d-ba60a1afd250&d=sci-hub.hkvisa.net&cr=dts_gen2__25&a=imp&p=Ys79wQAETmUK7FeNAAaDaMztdj9--UIrlFBnyA&im=3KbPQkUeFx5oLH-x1f3Utjgkk5il-n9bLBVxlBU1CJSqlAIvhF-GMnGIRvP0-6QNOIdk2Alo7uVYlkwcD6hncvumuprvgdI60npr1OyPX_U8it-gKJrzBAQB1F0JFzzGAB3BGh3XWNgTuBkvog3h-1WRRd7rWBtriJpabgVFV5MCpBnNmK4BvjqxOEqmedue_fYQoFvfgZZ2-kMmoDKcwJqMRxnZvPVOMOBstncQgXJ-oSqxJ9-eUxBBCab78qnlXUVwjhFPhtYw3rXgtfLBSQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545049&bpp=3&bdt=1094&idt=192&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cKIOHpyyyO&p=https%3A//sci-hub.hkvisa.net&dtd=199
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:45 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H2 200 8QINdiTajsj_87rMuMdKyqDiOOg.woff2
fonts.gstatic.com/s/secularone/v11/ Frame 4FA2 11 KB
11 KB 48ms
21ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/secularone/v11/8QINdiTajsj_87rMuMdKyqDiOOg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Secular+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46989820a9b0643099415ba7b00bd0e2e48ba06142c0b5ab3035818c2b303e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 04:41:08 GMT
x-content-type-options: nosniff
age: 131677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11256
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:54:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 04:41:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4FA2 15 KB
16 KB 30ms
4ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:35:49 GMT
x-content-type-options: nosniff
age: 596396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:35:49 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 149 KB
53 KB 32ms
32ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/reactive_library_fy2019.js?bust=31068418

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f65f5abc4512269896cc7448cc534347897da84aeb16e2ac29f697dfe3986c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54369
x-xss-protection: 0
server: cafe
etag: 16718752990687694614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Jul 2022 17:15:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
21ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jul 2022 17:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7284 66 KB
20 KB 260ms
250ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7217d6a1e5f03329de1b3e3dbd79d566bf1a18f416e62c4be40b8c83bfb378b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 20652
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54E4 65 KB
20 KB 195ms
186ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=1&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=N1vSnI5eIb&p=https%3A//sci-hub.hkvisa.net&dtd=40

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a30c1599b31e9ec3ac3354bd41418e7e96847fd10fafaf656ca69d97c5be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 20390
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98F7 66 KB
20 KB 275ms
266ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca5d475b03e9d0b7f6f4582556362e6fd6d04f80efbd8dc4368b14dc4b1fafbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 20691
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB9E 436 B
234 B 200ms
191ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1440028034&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=x3gxbIRKaA&p=https%3A//sci-hub.hkvisa.net&dtd=52

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8451ebb9ccbf3241ebfbabd163130c40f35d08657ad2da037119674925c1e892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4FA2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad9634a32c6af2a96442c748b89ee7e33e7da853c55bf2e2bd0a91ce729a1838

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 rtimp
g.rtbrain.app/ Frame 4FA2 0
18 B 47ms
35ms Image
text/plain 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.rtbrain.app/rtimp?sid=6e7c2c28-02cf-11ed-937d-ba60a1afd250&d=sci-hub.hkvisa.net&cr=dts_gen2__25&gid=&a=imload&p=Ys79wQAETmUK7FeNAAaDaMztdj9--UIrlFBnyA&r=1735978720&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:45 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/ Frame 5F24 10 KB
4 KB 12ms
6ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 72796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 21:02:29 GMT
etag: 10429905676100781186
expires: Tue, 26 Jul 2022 21:02:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 5F24 4 KB
636 B 36ms
23ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:45:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5F24 1 KB
427 B 34ms
21ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:51:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 5F24 3 KB
1 KB 27ms
6ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:12:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 5F24 17 KB
7 KB 30ms
8ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:08:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F24 138 KB
42 KB 41ms
28ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 204 rtimp
g.rtbrain.app/ Frame 5F24 0
20 B 37ms
36ms Image
text/plain 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.rtbrain.app/rtimp?sid=6e81cf8e-02cf-11ed-b7c6-ba1ca36ecf07&d=sci-hub.hkvisa.net&cr=dts_gen2__16&gid=&a=imload&p=Ys79wQAEswEKwWmEAAkT6akEFk9M8rRBJL3NhA&r=533445918&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 54E4 4 KB
636 B 29ms
26ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=1&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=N1vSnI5eIb&p=https%3A//sci-hub.hkvisa.net&dtd=40

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:50:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 54E4 1 KB
427 B 28ms
25ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:52:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 54E4 3 KB
1 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:12:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 54E4 17 KB
7 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:08:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 54E4 0
0 243ms
23ms Image
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjKRI5Q63F7VZF5De36mE0ABiND6HFPyiZsLFC0-kVR8ltNIwojrk3LDgAegTnYH28qnvi1Um6EIB1pyqZq_KqlAWnZw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=1&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=N1vSnI5eIb&p=https%3A//sci-hub.hkvisa.net&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54E4 138 KB
42 KB 41ms
39ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54E4 0
0 35ms
29ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C76qiwf3OYpLiO4ashAaJgKaIC4u_iK5m8brp9f8OwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OKABzqb-1QLIAQmoAwGqBNABT9BM1ySGnJPmN9IQW3ZyVKNe30OGx97W_ETck19vSdXmqVzLqhP89BMaJk6qfgosX4VbqQdmIu9Q7XCmlpVl6ruOicN73TRh15zlroqikOHxaONHzLxgrve_HKncDxDTGDD18nH4HREmuNJeTsmSDka5JWsxNMhtE-xcM2L55tYrTzVTVW7xGhZomJbjHD93tk-lv50JfKUOc96glnUwNb_1JO1gnTpqD6GciYf2-Qa9t28T1i3mdMNtub8fXIXVzekwyii9Sf-6E0-GBXElEoAGsvvXoquXr8XqAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=6SdJOOymS0k&uach_m=[UACH]&cid=CAQSPACNIrLMt31MAkuXpmG7F_92T7mB99wfr1i7TA93uk2s_jr2K9EvNAEyaAttS2aPNAFq4dFaN-fk4n1B4RgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=1&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=N1vSnI5eIb&p=https%3A//sci-hub.hkvisa.net&dtd=40
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 rtimp
g.bidbrain.app/ Frame 54E4 0
0 266ms
48ms Fetch 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=6eea4a78-02cf-11ed-b872-2a558fdc7846&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_tops&gid=CAESEDj0y3dBVOTkhFEC-nqyQTw&a=imp&p=Ys79wQAO8RIKwRYGAAmACYTB66y0T_MfovT97w&im=tkRTbCuM_sn8qf1EAW6znCKPG6QcaH0UdzSB1Fsp-MuthL3AFm96vqb5W0A6EVfNfNZY1BPl2K85C3XtZz1zuw1Vtc5Qo7wUqb5vWJXqFtzoksY0fDIeccpwSqv4hYmeXrvloPT_-RG_Qxz968kvN_gEIOihWYQOdzvy3TF5s58O1TTo0hJot0Ca57-Kh6stmlsrcmHdLb-J2JfTJ4R4zAfVYuzrpIOgqeBFVLLfgeQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=1&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=N1vSnI5eIb&p=https%3A//sci-hub.hkvisa.net&dtd=40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F9D 1 KB
749 B 19ms
7ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 19:22:06 GMT
etag: 48472445140208031
expires: Wed, 13 Jul 2022 19:22:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 7284 4 KB
636 B 27ms
25ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 16:09:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7284 1 KB
427 B 36ms
33ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:45:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 7284 3 KB
1 KB 31ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:12:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 7284 17 KB
7 KB 19ms
18ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:08:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7284 0
0 78ms
37ms Image
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvb215os1lybis6VnCSfvDSGuR__B9U7SmLOrbx-Qg2RecGsJePFIBrFtivCNSyKr4fyJu0KduAmbOU0H2FJv4PmF1Hw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7284 138 KB
42 KB 102ms
91ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 98F7 4 KB
636 B 32ms
30ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:43:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 98F7 1 KB
427 B 50ms
50ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:50:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220713/r20110914/client/ Frame 98F7 3 KB
1 KB 36ms
24ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220713/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 16:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:59:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220713/r20110914/client/ Frame 98F7 17 KB
7 KB 17ms
16ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220713/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 16:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:26:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 98F7 0
0 70ms
33ms Image
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXBRT8lkfI-mQ9C9ze-JAr7uixak0PqlJTQWzYXD5241Vi3APCIZjDO1iChqTwkZj895PKd_pme9IOCfh5y-VmKW0NCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98F7 138 KB
42 KB 91ms
82ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H2 200 a77111f73cee77a1ef6933220544de63.js Show response
www.gstatic.com/mysidia/ Frame E5C7 10 KB
5 KB 62ms
5ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a77111f73cee77a1ef6933220544de63.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1657732545&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545035&bpp=14&bdt=1080&idt=141&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=7213047387705&frm=20&pv=2&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aCCsB7p8UF&p=https%3A//sci-hub.hkvisa.net&dtd=170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467604f1339295ef3861c54dc14e4f6cee9a7e72f207c72ef4a1499c86ac2291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 16:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4369
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 00:09:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Oct 2022 16:26:12 GMT

GET
H2 200 ad228488b2e9567307ebdc8a9c20376b.js Show response
www.gstatic.com/mysidia/ Frame E5C7 10 KB
4 KB 62ms
6ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ad228488b2e9567307ebdc8a9c20376b.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1175ed541da3206620523b17b435df203157471aa550e425fdc47354a6adfbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4295
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 00:09:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Oct 2022 05:01:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E5C7 8 KB
893 B 51ms
34ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 15:40:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 17:15:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E5C7 2 KB
902 B 12ms
6ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 16:19:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:19:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame E5C7 21 KB
8 KB 40ms
29ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:15:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E5C7 3 KB
1 KB 29ms
5ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:12:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame E5C7 17 KB
7 KB 22ms
10ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:08:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5C7 138 KB
42 KB 81ms
70ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 17:15:46 GMT

GET
H3 200 9fbfea14cd545ec81bc54d3c558bfb70.js Show response
www.gstatic.com/mysidia/ Frame E5C7 31 KB
13 KB 47ms
8ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 00:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13103
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 00:09:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Oct 2022 00:00:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7284 0
0 44ms
33ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzBcWwf3OYu_1O6X0hAbVkp_gDIu_iK5m8brp9f8OwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OKABzqb-1QLIAQmoAwGqBNABT9B7Vqrp9qvBI_cA4XGct1sFKouOY2S7fIc6ab2rWg9HRs-5CPiDMslT8WeoF7DsQuZ7rlG0gVdjHaesG9L26NdWs9QePGFc5Ym32jeN03EiCU0dPDNyk3htL-asOAuFbaBxwTQ4bPH_mQHlGtT8hdNYfxKg6NksivGkItzAA_v9Ess1yPXHT_jKLVFriF6wJO04K6k7oQQKj3F-7Igg2U7CHbqVRJcXk03SFd5uESobk9FoRWSeCUnzFNjynQepYDYydesfS7cG0r2azffdmYAGsvvXoquXr8XqAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=O25BvGjBpWo&uach_m=[UACH]&cid=CAQSPACNIrLMzL9w_4GScm8YOktfvvaYjM4HUlq6O5CJb9wyjc116FkoYVFmX7Y4IuSOSZxv_Zvnv-lNwZRhWxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 rtimp
g.bidbrain.app/ Frame 7284 0
0 85ms
47ms Fetch 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=6eec3e3c-02cf-11ed-a2d5-1af5a834b99c&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_tops&gid=CAESEDj0y3dBVOTkhFEC-nqyQTw&a=imp&p=Ys79wQAO-u8KwTolAAfJVUPVoZjAEz8g7icr6A&im=3TomNEKECqJG-a7QdDytmfcfenkp0JP21wFaWtbl8flUnPLHPj2I_4dj6qBq9jc0apmn7vUYlgZpv_3HWRq8-B5thTxLPhrZtAOZ_FQM-nwrJv3J478eZ3OoKBbezcVMTEbcJGcQsNbIwW6T4gDXGPOC65E1cGJU9VYVM8qYplhSbovrptdYCb_DlClZMSQoGLyVMt_XPMq39hUvF4SrlrtP1Vd1hlJSWxxdA6ZToYI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 98F7 0
0 56ms
44ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmxi4wf3OYtnrO8zAhQaZnJ-wDou_iK5m8brp9f8OwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OKABzqb-1QLIAQmoAwGqBNABT9Bm2JyFscq3Z0CQHVerTFVMp0wqbdEDr_LNd167b71tmL_PWH04nrh735fN0ivsIvA5JUzze4Q4vIvZqrTfH6cKeXWGaquCo-cJprpQouW4n_8APA7evLzDmBaNiOSPtCeZ1zxbSZPpVixkHxwldQr10ZdvTOxp2owQOLaRD9ZWA8xTQ7yU1tLCJ43MdmCKBw57ZnhgTXAB1_kQNfoN9xXq3bT33iKN9QEtIBSscxMh6_7fkOnLuGB9rDxoCezesUVHQ77InpGrAnXxyHSnVIAGsvvXoquXr8XqAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=fFx_jct0n_U&uach_m=[UACH]&cid=CAQSPACNIrLM9i-wFwUAwYmrdSWacHtmv1-ZhmCl8j85CHjp3F7zlU8tzmSSfykAaTSi4PFgHo2NjMGNmlB84BgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 rtimp
g.bidbrain.app/ Frame 98F7 0
0 81ms
48ms Fetch 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=6eeb2e52-02cf-11ed-91e7-963ecfb09b2e&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_tops&gid=CAESEDj0y3dBVOTkhFEC-nqyQTw&a=imp&p=Ys79wQAO9dkKwWBMAAfOGVvotmdybu2xLA72pg&im=5WB66BquWxC1hd8YNhXLyP0L__naM67gWf-sxFQZ3hfPF31Zwpc-u1yZjNvTmxVHJVxK45xsOaTBmZ7C3WeAeWZQ41LF0Ok6dck5ZNKPOK7uuNFsStgLQQ7Ozrh4KkjW3zTZa89wL307haciw1KXMLLBoCx01p8eeNbGM6s0eNClim6u5-eLNCDAo_E91QLaifWPTS5KKNcAKN0aVv6QDkCDYNNBTYf3EshUmBvhEG4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 54E4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89b02249a8c8f41eee9a90caa167d49345f20dbde31fb679c341f926323a7c32

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 54E4 15 KB
16 KB 36ms
7ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 596629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:31:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 54E4 15 KB
15 KB 33ms
4ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:35:49 GMT
x-content-type-options: nosniff
age: 596397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:35:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F9D
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4BXZ9bthce8V-CX8T13ICCbwVeFt4pTvfBIoUB...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM3OXdnQUFBVUN3dVZXdQ&google_push=AehlK4BXZ9bthce8V-CX8T13ICCbwVeFt4pTvfBIoUBhh8pqV9jT8K-a8XuiTNRCK4rqPel27sDeARkkKVqF82Vx5KplDzB3MSE

170 B
188 B

55ms
49ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM3OXdnQUFBVUN3dVZXdQ&google_push=AehlK4BXZ9bthce8V-CX8T13ICCbwVeFt4pTvfBIoUBhh8pqV9jT8K-a8XuiTNRCK4rqPel27sDeARkkKVqF82Vx5KplDzB3MSE

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM3OXdnQUFBVUN3dVZXdQ&google_push=AehlK4BXZ9bthce8V-CX8T13ICCbwVeFt4pTvfBIoUBhh8pqV9jT8K-a8XuiTNRCK4rqPel27sDeARkkKVqF82Vx5KplDzB3MSE
Date: Wed, 13 Jul 2022 17:15:46 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F9D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGWPpmC3hNI4jhIS28SNvvo&google_cver=1&google_push=AehlK4AL7BklulXFfbNU-XLSgpC1y1vNMqYnERBXcJzNTlxGD2XiS7XnFL86HLjz4sDTS34CyBihB6YSiJv11NYfd5F7RZIEn3o
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AL7BklulXFfbNU-XLSgpC1y1vNMqYnERBXcJzNTlxGD2XiS7XnFL86HLjz4sDTS34CyBihB6YSiJv11NYfd5F7RZIEn3o&google_hm=Q0FFU0VHV1BwbUMzaE5JNG...

170 B
188 B

62ms
38ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AL7BklulXFfbNU-XLSgpC1y1vNMqYnERBXcJzNTlxGD2XiS7XnFL86HLjz4sDTS34CyBihB6YSiJv11NYfd5F7RZIEn3o&google_hm=Q0FFU0VHV1BwbUMzaE5JNGpoSVMyOFNOdnZv

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 2b32055d9226f21c6a6dab015aed37ce.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AL7BklulXFfbNU-XLSgpC1y1vNMqYnERBXcJzNTlxGD2XiS7XnFL86HLjz4sDTS34CyBihB6YSiJv11NYfd5F7RZIEn3o&google_hm=Q0FFU0VHV1BwbUMzaE5JNGpoSVMyOFNOdnZv
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: kn_53zJsOOD6-t0-D_ymcQ6HKKtH1Dy2Z5xbZaw27Bs_coMoqd4ldA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F9D
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4B1UPQCr1sBTdj66jJ1iwFysBFkcfrSVwhMiv8NhugCRahDg2do_at_c9tr04lSCPwACzIGBdQv3mEtn1DpyQLb9bpEiA&google_gid=CAESEHm1BtPrS1K_s5xJp7w1aaA&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCML7u5YGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BZWhsSzRCMVVQUUNyMXNCVGRqNjZqSjFpd0Z5c0JGa2NmclNWd2hNaXY4Tmh1Z0NSYWhEZzJkb19hdF9jOXRyMDRsU0NQd0FDeklHQmRRdjNtRXRuMU...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSDdudlpBbW01TXhnVlk5b1JWNUlHLUJwclhXY1FWTTVJSGhNcThsTVhTSQ==&google_push

170 B
188 B

35ms
34ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSDdudlpBbW01TXhnVlk5b1JWNUlHLUJwclhXY1FWTTVJSGhNcThsTVhTSQ==&google_push

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSDdudlpBbW01TXhnVlk5b1JWNUlHLUJwclhXY1FWTTVJSGhNcThsTVhTSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F9D
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMCxsMqG3jxgvy-UyrwshzU&google_push=AehlK4AmRT-RCP3RL449Vp_SXfgrOjz6_ElTVWfT2Jb1WU2UC-LDCDcvg8cktZuvJHxKeGxLoWbQLJAp8eLnlQfjhD0OCaY...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4AmRT-RCP3RL449Vp_SXfgrOjz6_ElTVWfT2Jb1WU2UC-LDCDcvg8cktZuvJHxKeGxLoWbQLJAp8eLnlQfjhD0OCaYVzPc&google_hm=MTA1OTg1ODg0MDczNzY...

170 B
188 B

67ms
43ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4AmRT-RCP3RL449Vp_SXfgrOjz6_ElTVWfT2Jb1WU2UC-LDCDcvg8cktZuvJHxKeGxLoWbQLJAp8eLnlQfjhD0OCaYVzPc&google_hm=MTA1OTg1ODg0MDczNzYyMjM2NTM

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AehlK4AmRT-RCP3RL449Vp_SXfgrOjz6_ElTVWfT2Jb1WU2UC-LDCDcvg8cktZuvJHxKeGxLoWbQLJAp8eLnlQfjhD0OCaYVzPc&google_hm=MTA1OTg1ODg0MDczNzYyMjM2NTM
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F9D
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESENH_ALD7CiCQX6jcCC3KnuM&google_cver=1&google_push=AehlK4DPeb_UnCHknHPqbkvUFWWmMDYLrpEmntZap7XKgPcbI0-DIuDwlUKn1E5_dlAcDX0V0onUFMywI...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DPeb_UnCHknHPqbkvUFWWmMDYLrpEmntZap7XKgPcbI0-DIuDwlUKn1E5_dlAcDX0V0onUFMywINzaGYJsmJPTSzkvIbQ&google_hm=MTA1OTQ4NTg4NjQ...

170 B
188 B

63ms
39ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DPeb_UnCHknHPqbkvUFWWmMDYLrpEmntZap7XKgPcbI0-DIuDwlUKn1E5_dlAcDX0V0onUFMywINzaGYJsmJPTSzkvIbQ&google_hm=MTA1OTQ4NTg4NjQ4ODM0MzEzMjM

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4DPeb_UnCHknHPqbkvUFWWmMDYLrpEmntZap7XKgPcbI0-DIuDwlUKn1E5_dlAcDX0V0onUFMywINzaGYJsmJPTSzkvIbQ&google_hm=MTA1OTQ4NTg4NjQ4ODM0MzEzMjM
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F9D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4nmvhC26HSxty4DbuZ65o&google_cver=1&google_push=AehlK4CdEg5VoDvQy-QviUUgtVsNKkeRmdodVZaKUJilLt59TwsniNfO3E_3o45MXBHW4K0wqSF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOSEgtUS1GQzVS&google_push=AehlK4CdEg5VoDvQy-QviUUgtVsNKkeRmdodVZaKUJilLt59TwsniNfO3E_3o45MXBHW4K0wqSFABne3n5zealjQFvR41AV1jtY

170 B
188 B

50ms
50ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOSEgtUS1GQzVS&google_push=AehlK4CdEg5VoDvQy-QviUUgtVsNKkeRmdodVZaKUJilLt59TwsniNfO3E_3o45MXBHW4K0wqSFABne3n5zealjQFvR41AV1jtY

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOSEgtUS1GQzVS&google_push=AehlK4CdEg5VoDvQy-QviUUgtVsNKkeRmdodVZaKUJilLt59TwsniNfO3E_3o45MXBHW4K0wqSFABne3n5zealjQFvR41AV1jtY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: d5a7ef20801cf5cb1ee516b6110e672f
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F9D
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESELWxiwI1gsjXU5mdmzTOtNs&google_cver=1&google_push=AehlK4A776QzAQNwsV-j1UfBS5G8MTBf3EFaF6c27nzYq01MR4rqfS_HZb3wyABdYxmTOIUOSh39HYrmcZ_8fXqoyiapNW5CZUg
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4A776QzAQNwsV-j1UfBS5G8MTBf3EFaF6c27nzYq01MR4rqfS_HZb3wyABdYxmTOIUOSh39HYrmcZ_8fXqoyiapNW5CZUg&google_hm=fad1f5e7cf5c752329a3...

170 B
188 B

73ms
48ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4A776QzAQNwsV-j1UfBS5G8MTBf3EFaF6c27nzYq01MR4rqfS_HZb3wyABdYxmTOIUOSh39HYrmcZ_8fXqoyiapNW5CZUg&google_hm=fad1f5e7cf5c752329a399a5d38ded02

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4A776QzAQNwsV-j1UfBS5G8MTBf3EFaF6c27nzYq01MR4rqfS_HZb3wyABdYxmTOIUOSh39HYrmcZ_8fXqoyiapNW5CZUg&google_hm=fad1f5e7cf5c752329a399a5d38ded02
date: Wed, 13 Jul 2022 17:15:46 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F9D 0
232 B 155ms
37ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWNQG7ntJiO3H2DdpN46hWH6N_rJL5waRcCglr_yJbIHtbklxFYpTChYulRhjYfTyB8HzR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 rtimp
g.bidbrain.app/ Frame 54E4 0
18 B 70ms
62ms Ping
text/plain 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=6eea4a78-02cf-11ed-b872-2a558fdc7846&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_tops&gid=CAESEDj0y3dBVOTkhFEC-nqyQTw&a=load&p=Ys79wQAO8RIKwRYGAAmACYTB66y0T_MfovT97w&r=1161126722&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=1&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=N1vSnI5eIb&p=https%3A//sci-hub.hkvisa.net&dtd=40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C8A3 1 KB
749 B 127ms
21ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 19:22:06 GMT
etag: 48472445140208031
expires: Wed, 13 Jul 2022 19:22:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 23CA 1 KB
749 B 23ms
5ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 78820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 19:22:06 GMT
etag: 48472445140208031
expires: Wed, 13 Jul 2022 19:22:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E5C7 0
0 32ms
32ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIUsFwf3OYvCVEMXeowac2L2oDqHel_dk7rbQ3ecLy7jdh5gOEAEg86rhe2DJxqmLwKTYD6ABt77VyAPIAQGoAwHIA8MEqgTQAU_QA_cEGX6Pp0M3-qenu-Y4JDB-x4GfI7HxvEE2WuNb2Et-sfvDuf9EsZ7KrSGcPcBTJnLgeQHxqKz6DXPjiu1o3Ff47Y0gM8rtETbIDVWDqkPmBeu-7erf8O3wauwOiFb0gR8j87E6g8JMlFlmtBMLvcaLrQwBpLL5v-qjjoFpfXVuVbdQt31xti0hVw1LFlfDnjRvsnUASLslPgRAoHVSpvATFpr9IVLEG2ZwwdnGFbKMcKxGFcGIRN4WZxECTdfvw7PDEvVtD8_KisTBm9HABMedhv37AZIFBAgEGAGSBQQIBRgEoAZmgAexwao3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ94sa0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMCiBQD0BUBgBcBshccChoIABIUcHViLTQ3ODgwODMyMTkyMjQyNzgYAA&sigh=d8SxGJwdKCA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1657732545&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545035&bpp=14&bdt=1080&idt=141&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=7213047387705&frm=20&pv=2&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aCCsB7p8UF&p=https%3A//sci-hub.hkvisa.net&dtd=170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 13 Jul 2022 17:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 098A 143 B
163 B 8ms
7ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1657732545&psa=0&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545035&bpp=14&bdt=1080&idt=141&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&correlator=7213047387705&frm=20&pv=2&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=aCCsB7p8UF&p=https%3A//sci-hub.hkvisa.net&dtd=170
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 13 Jul 2022 17:11:38 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E5C7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe8125d7ed75acc98b3748e92283c77de3428c08ab5a49a3b8d2c6b1bb8e7b38

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98F7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06603234d02b4b3f1c0d7d1669a7b0b50a4cf81203b7c7c3dba4617c56429d7a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 98F7 15 KB
16 KB 37ms
6ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 596630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:31:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 98F7 15 KB
15 KB 47ms
15ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:35:49 GMT
x-content-type-options: nosniff
age: 596398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:35:49 GMT

GET
DATA 200
OK truncated
/ Frame 7284 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69afd492783dd478cf9c25b608e684eec75b99938726974b4a878943cd09184d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7284 15 KB
16 KB 32ms
13ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 596630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:31:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7284 15 KB
15 KB 31ms
14ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:35:49 GMT
x-content-type-options: nosniff
age: 596398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:35:49 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E5C7 28 KB
28 KB 20ms
15ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:34:36 GMT
x-content-type-options: nosniff
age: 592871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 20:34:36 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C8A3 35 B
462 B 56ms
12ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF6xIy_mkKotvQns29hZF6I&google_cver=1&google_push=AehlK4BxvuM-saXV-KSRtu43VSzZcVUS1GJuI2SZlHekJHfUg90XgnzDK6XLa47fHEEfLhwPrVHnASARXE-NGdFELmnB1ZUNAup1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame C8A3 42 B
60 B 34ms
33ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4Ba--pc4ImElaisFJAoEyJYormFlNT1KChtXPQj58YYoDaSN5Svon0JCctkLHIsOttS5XJMJu47MXRaLroFKgYnKB6gYf7X&google_gid=CAESEHm1BtPrS1K_s5xJp7w1aaA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jul 2022 17:15:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8A3
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm
https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm&google_hm=n_hoojbDzb8M6ogtyhU4wg==

170 B
188 B

30ms
28ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm&google_hm=n_hoojbDzb8M6ogtyhU4wg==

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4CndSkai6ZxMFBuYDuEOQB-StXmkvxMA3_6DWsGTslhAvuDBF35KkQLXPlIflRCAawwPa5iiKmpLTDYkYwgsNDocwSbYNjm&google_hm=n_hoojbDzb8M6ogtyhU4wg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: sevtfv4rank8uok5el18rrt0412e8boo

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C8A3 0
166 B 548ms
72ms Image
text/html 104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBmvDACFqVOucjaqWJodPk4&google_cver=1&google_push=AehlK4BdQ9nnsv4h1QVJRh7DZFdIvMnXUwf0CHUWv2xE5h2MVXx2QdzKKoAV2en9LYDsJHripwN69sIMr-nAiQMHXl-tXFNT4VY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8A3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4nmvhC26HSxty4DbuZ65o&google_cver=1&google_push=AehlK4A9rvBEaJDueotLZzHlg8_pz7HKpZYFhcwJMz6bIiL_5iXETlSC7W4xvvb3BukCVZIKMnt...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOTkItOC02TENF&google_push=AehlK4A9rvBEaJDueotLZzHlg8_pz7HKpZYFhcwJMz6bIiL_5iXETlSC7W4xvvb3BukCVZIKMntEP725hp3pvXvpBXWhAKZa7sg

170 B
188 B

42ms
41ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOTkItOC02TENF&google_push=AehlK4A9rvBEaJDueotLZzHlg8_pz7HKpZYFhcwJMz6bIiL_5iXETlSC7W4xvvb3BukCVZIKMntEP725hp3pvXvpBXWhAKZa7sg

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOTkItOC02TENF&google_push=AehlK4A9rvBEaJDueotLZzHlg8_pz7HKpZYFhcwJMz6bIiL_5iXETlSC7W4xvvb3BukCVZIKMntEP725hp3pvXvpBXWhAKZa7sg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8A3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79w5g-Ilq5q7if2PICwwAAAd8AAAAB&google_nid=index&google_push=AehlK4DcxHMQmVkvJxg0ujcyyqF5-lbHtIgNh...

170 B
188 B

36ms
28ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79w5g-Ilq5q7if2PICwwAAAd8AAAAB&google_nid=index&google_push=AehlK4DcxHMQmVkvJxg0ujcyyqF5-lbHtIgNhEKC4vOoNYukxLd1pxSlRTMyUKXNpRfcidsTrjv1NOEKCh9Jd4-PWbcnFd-d98h_

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3wjnM7UiG9AfgexhVho%2BmuDrzJRiSe2LzJJBAy43snZHSY4Vgmx%2FfwJUZ5OhPLQ%2FhDtjW7kY%2Fk%2FZy5EyY%2Fs%2BPHCETfjTbTw4Gex80F3BYeMr5slIauWcPcx2QzwDSy7WKRLO5IA8nh3YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79w5g-Ilq5q7if2PICwwAAAd8AAAAB&google_nid=index&google_push=AehlK4DcxHMQmVkvJxg0ujcyyqF5-lbHtIgNhEKC4vOoNYukxLd1pxSlRTMyUKXNpRfcidsTrjv1NOEKCh9Jd4-PWbcnFd-d98h_
cache-control: no-cache
cf-ray: 72a3a9a3df5f192c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8A3
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESELWxiwI1gsjXU5mdmzTOtNs&google_cver=1&google_push=AehlK4DLx9luoZjBJblOfL0LyL3UTYkwSlmzJRtL7DPRtkNgYGp2iUjAhQPCn8uRmeAtgo_7Byx-u9dPPc2TiTImhP5JWNWRR5Jr
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DLx9luoZjBJblOfL0LyL3UTYkwSlmzJRtL7DPRtkNgYGp2iUjAhQPCn8uRmeAtgo_7Byx-u9dPPc2TiTImhP5JWNWRR5Jr&google_hm=fad1f5e7cf5c752329a...

170 B
188 B

44ms
44ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DLx9luoZjBJblOfL0LyL3UTYkwSlmzJRtL7DPRtkNgYGp2iUjAhQPCn8uRmeAtgo_7Byx-u9dPPc2TiTImhP5JWNWRR5Jr&google_hm=fad1f5e7cf5c752329a399a5d38ded02

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4DLx9luoZjBJblOfL0LyL3UTYkwSlmzJRtL7DPRtkNgYGp2iUjAhQPCn8uRmeAtgo_7Byx-u9dPPc2TiTImhP5JWNWRR5Jr&google_hm=fad1f5e7cf5c752329a399a5d38ded02
date: Wed, 13 Jul 2022 17:15:47 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C8A3 0
12 B 21ms
20ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQQtCiu335-dUG_vOS5CoMONRxAcqfKGUmk2Emb3YatfQgIwuXzLb3-zdS1oYjf2Fc8Ud2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 23CA 35 B
464 B 48ms
11ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF6xIy_mkKotvQns29hZF6I&google_cver=1&google_push=AehlK4BotR0LQpZAhVRJBSG5K2fpQRtRsPXhOxHlha9bslw5BeGBiqSq4nnNOs1jys4TJj0n4BIdUHspW1ZtLAbchp3I3Li_tXKX

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23CA
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESENH_ALD7CiCQX6jcCC3KnuM&google_cver=1&google_push=AehlK4BttSzGQaQW3sLpoUrIzSGxMXwSbP-s5bhAV4MvNWDvimtP60yJgvFJ7DMkr8TbAOdL8C5K3Phnu...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4BttSzGQaQW3sLpoUrIzSGxMXwSbP-s5bhAV4MvNWDvimtP60yJgvFJ7DMkr8TbAOdL8C5K3PhnupQ8iFv_bHz202_EYjxR&google_hm=MTA1OTg1ODg0MD...

170 B
188 B

36ms
31ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4BttSzGQaQW3sLpoUrIzSGxMXwSbP-s5bhAV4MvNWDvimtP60yJgvFJ7DMkr8TbAOdL8C5K3PhnupQ8iFv_bHz202_EYjxR&google_hm=MTA1OTg1ODg0MDczNzYyMjM2NTM

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dev_dmp&google_push=AehlK4BttSzGQaQW3sLpoUrIzSGxMXwSbP-s5bhAV4MvNWDvimtP60yJgvFJ7DMkr8TbAOdL8C5K3PhnupQ8iFv_bHz202_EYjxR&google_hm=MTA1OTg1ODg0MDczNzYyMjM2NTM
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23CA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9rg
https://rtb.openx.net/sync/dds?google_gid=CAESEDXTnibktvDRQnpyuaIa9Rk&google_cver=1&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9r...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9rg&google_hm=n_hoojbDzb8M6ogtyhU4wg==

170 B
188 B

31ms
29ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9rg&google_hm=n_hoojbDzb8M6ogtyhU4wg==

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:46 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4D__ric48HfHF1uTSzRb7Q6CWIayTsQ4sEp6Z2mYoXo7b53yGSWXOWPWB4rH2J6ptPTNSJY1fcN4ctZEJWv8meJLiP1Z0O9rg&google_hm=n_hoojbDzb8M6ogtyhU4wg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: gaqcm824o5bbj83t7lp283jm07705sld

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 23CA 0
41 B 542ms
72ms Image
text/html 104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBmvDACFqVOucjaqWJodPk4&google_cver=1&google_push=AehlK4AizySCohts6j5MQzgHvf5hMjl6tLoJIwqEzxWRQFmpE_TYfiUaPL-w895NjgLPkJeHxmg8oT41fe1ssXzKOx08_HEZIxb1zg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23CA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE4nmvhC26HSxty4DbuZ65o&google_cver=1&google_push=AehlK4C8x4rNIm8iEWFVNFSgqtOzz3pp4a_jg2o9sY7wC_90JamrjC-ySYlSaktvztrZKRDazu-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOT1MtMUotOERDUQ==&google_push=AehlK4C8x4rNIm8iEWFVNFSgqtOzz3pp4a_jg2o9sY7wC_90JamrjC-ySYlSaktvztrZKRDazu-eEBXTcj2BoSc25ufr34ZZ2Tpmng

170 B
188 B

35ms
33ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOT1MtMUotOERDUQ==&google_push=AehlK4C8x4rNIm8iEWFVNFSgqtOzz3pp4a_jg2o9sY7wC_90JamrjC-ySYlSaktvztrZKRDazu-eEBXTcj2BoSc25ufr34ZZ2Tpmng

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKVjVOT1MtMUotOERDUQ==&google_push=AehlK4C8x4rNIm8iEWFVNFSgqtOzz3pp4a_jg2o9sY7wC_90JamrjC-ySYlSaktvztrZKRDazu-eEBXTcj2BoSc25ufr34ZZ2Tpmng
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: c3b5432477546c086cd062707f625a76
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23CA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79wxo2zPMnlNCAb_IpRQAAACgAAAIB&google_nid=index&google_push=AehlK4D9sIGlzfxEBNheSAadeia7MzVnU4OyL...

170 B
188 B

29ms
28ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79wxo2zPMnlNCAb_IpRQAAACgAAAIB&google_nid=index&google_push=AehlK4D9sIGlzfxEBNheSAadeia7MzVnU4OyLbrKQihUrTwV2cRsOGbHZUwNyKghlTUKJ_q4L-B0TkBAMMvCaEbKGXqfWY8npo1X

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2vEuXVdGYyQI8zmtG11SF7oN9jYNIURsQaiAE56uZRxPA541K9axhkT8ND7kAj3JaAV5q4dOBYWKyPJkPfbb0T7oB24Xo8dNzTbtb9nRTw2yzfS1Vs8Pn%2BK1d67XUhp7vOC3UgV%2Bs8f1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH6p0avnQlbo1BjN5t2r2l4&google_hm=Ys79wxo2zPMnlNCAb_IpRQAAACgAAAIB&google_nid=index&google_push=AehlK4D9sIGlzfxEBNheSAadeia7MzVnU4OyLbrKQihUrTwV2cRsOGbHZUwNyKghlTUKJ_q4L-B0TkBAMMvCaEbKGXqfWY8npo1X
cache-control: no-cache
cf-ray: 72a3a9a47895192c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23CA
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESELWxiwI1gsjXU5mdmzTOtNs&google_cver=1&google_push=AehlK4Amv8UGqS1bkZttQRbnv3AjV06A_kGXT_itMbGKSRKZoSWtn6I1rKqqYamQ4chfvxWGjiyQ3TKzPoP9uJXAo68Q4u9vhQO2sQ
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Amv8UGqS1bkZttQRbnv3AjV06A_kGXT_itMbGKSRKZoSWtn6I1rKqqYamQ4chfvxWGjiyQ3TKzPoP9uJXAo68Q4u9vhQO2sQ&google_hm=fad1f5e7cf5c75232...

170 B
188 B

36ms
36ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Amv8UGqS1bkZttQRbnv3AjV06A_kGXT_itMbGKSRKZoSWtn6I1rKqqYamQ4chfvxWGjiyQ3TKzPoP9uJXAo68Q4u9vhQO2sQ&google_hm=fad1f5e7cf5c752329a399a5d38ded02

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4Amv8UGqS1bkZttQRbnv3AjV06A_kGXT_itMbGKSRKZoSWtn6I1rKqqYamQ4chfvxWGjiyQ3TKzPoP9uJXAo68Q4u9vhQO2sQ&google_hm=fad1f5e7cf5c752329a399a5d38ded02
date: Wed, 13 Jul 2022 17:15:47 GMT
server: nginx
content-type: text/html; charset=UTF-8
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 23CA 0
12 B 24ms
21ms Image
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lu0hBGdt7i86UBxXJelkliRoVwva8HlMiTc58zmF3UQbGM177srE_VWOTH0hz3BkYAHE_W

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 rtimp
g.bidbrain.app/ Frame 98F7 0
18 B 37ms
36ms Ping
text/plain 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=6eeb2e52-02cf-11ed-91e7-963ecfb09b2e&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_tops&gid=CAESEDj0y3dBVOTkhFEC-nqyQTw&a=load&p=Ys79wQAO9dkKwWBMAAfOGVvotmdybu2xLA72pg&r=555365523&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.28055224~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2803&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=9StEcjt9yu&p=https%3A//sci-hub.hkvisa.net&dtd=46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 7284 0
20 B 47ms
45ms Ping
text/plain 34.102.128.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=6eec3e3c-02cf-11ed-a2d5-1af5a834b99c&d=sci-hub.hkvisa.net&cr=ext_gen2_v10_tops&gid=CAESEDj0y3dBVOTkhFEC-nqyQTw&a=load&p=Ys79wQAO-u8KwTolAAfJVUPVoZjAEz8g7icr6A&r=1255323182&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1657732545&rafmt=1&to=qs&pwprc=6292441334&psa=0&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657732545634&bpp=2&bdt=1679&idt=-M&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc6e0bd181464f710-22ef4481d1d30037%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA&gpic=UID%3D00000644e0baa6f8%3AT%3D1657732545%3ART%3D1657732545%3AS%3DALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=7213047387705&frm=20&pv=1&ga_vid=1252056537.1657732545&ga_sid=1657732545&ga_hid=147790662&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763958%2C31068196%2C31068418%2C31060566&oid=2&pvsid=246019807546851&tmod=1527071514&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=y74YuyLxex&p=https%3A//sci-hub.hkvisa.net&dtd=34
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:47 GMT
via: 1.1 google
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 122 B
593 B 678ms
116ms Script
application/javascript 31.131.252.90
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=undefinedszSTFwycmwpLundefinedbk&first=1

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

53e8da05d601bc86aa8d6148c2ffc61254f87660d3453c4df898153052cbb28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 17:15:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Jul 2022 17:15:47 GMT

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 122 B
593 B 678ms
117ms Script
application/javascript 31.131.252.90
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=CsiB2EwAudGyr0TO

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

53e8da05d601bc86aa8d6148c2ffc61254f87660d3453c4df898153052cbb28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 17:15:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Jul 2022 17:15:47 GMT

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

43 B
528 B

116ms
116ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Jul 2022 17:15:47 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Jul 2022 17:15:47 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 12 Jul 2021 21:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 55ms
35ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e625d13705033a156b8418ffcd3df8402f241b74e6a81e3e7455f18cfd4fcb04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Jul 2022 17:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10881
x-xss-protection: 0

GET
H/1.1 200
OK 06.png
share.pluso.ru/img/pluso-like/square/medium/ 23 KB
23 KB 786ms
228ms Image
image/png 31.131.252.90
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/pluso-like/square/medium/06.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 17:15:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-5b8f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 23439
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 689ms
123ms Image
image/png 31.131.252.90
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/plus.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.90 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 17:15:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 098A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
29ms

Document
text/html

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Jul 2022 17:15:47 GMT
expires: Wed, 13 Jul 2022 17:15:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Jul 2022 17:15:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BAE 36 KB
14 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 02:33:56 GMT

GET kb.js
kitbit.net/ 0
0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
23ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068418

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 17:15:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8AE 13 KB
5 KB 5ms
5ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 81046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 18:45:01 GMT
expires: Wed, 12 Jul 2023 18:45:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E691 783 B
533 B 37ms
37ms Document
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92135fa416172cc95a2060a05b4157e293e0ca65f042ea7fb8d79175ea8f4cb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IArI87ZS5JtirAcEmJIsvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-IArI87ZS5JtirAcEmJIsvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:15:47 GMT
expires: Wed, 13 Jul 2022 17:15:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js Show response
pagead2.googlesyndication.com/bg/ Frame D8AE 36 KB
14 KB 15ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 02:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 02:33:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E691 0
0 32ms
31ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=246019807546851&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D8AE 0
9 B 8ms
8ms Image
text/plain 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IRKDTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:15:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 39ms
39ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=246019807546851&bg=!JiWlJWHNAAaYcLjmuHA7ACkAdvg8Wq_6nVM2zglS8jqjT52mK4FgVlKgHNqS_Br1ZynJckVJVOYp9gIAAACSUgAAAARoAQcKABnc-33YNLXwv61n41TSs6xPVAYWV3ogvNPjmQKdCk5w77kl47P8yal7vFj2ynL0-iIeQ1lY7VZP8yiMbkF_T8ykhXhXcHethDlqHX3DBnynQbszbfNgBA53sZEeJtZm6I3s4sCBFX-33zRImBvnJ76xmn5l0eKUrN_Y4Z2NHpc8TtrAdwW78G8UJCZ8cIFTSpQ8ndgmJfz0QB-qj2bZPZ902UzA_P2ZFchd6oag7LBwThuoVJzCDlWwQkIfrQBmvJd3Ob03VO6KPE0imFhYXI3YASCdSGiA7D2SG1DdqmyvtQzgobs6oBVsr0xoLCuSN8LA26-STcWe6p0iCXPiCIuFWqoNw-8h_9eWWYeMe0I6OZJWzUxrFpnRuxcFizkmsFwys2Z7KDIFzLlYymRS97y84h-wWXxo7CL_3lrhm6YgyBdqlISiOebDXntEk56sLYsC3qk4x3kIzwAEMCz-bqQGaqpHojE89DzY0zW0UPH0eah5307M-dgOfktpmSVL1Vxf85U_AysBYZAjrhDT6hj2hKcpwMkxkTm8JKMsdOhCRjp_Xq8xrkZTNeqKOvnS89dTeoJ6oHqOOM4xTcLsaI44BVJTakkMmmJMKbi6NUyrnGN446mq0U5DTI2014qSM7SyfycxvCLeFX_3yKT8v1Fd27X3XERRhbmbiqnwljCKx0ukd4AR6hyKHQsWcrORA6yLRojxXwg5iLWygmfCSO8c8qC-iyWJtQlCWw3ofZpnOVud8lcbM8n_cuJg3yFeNuFPgiAHjXRZWbIyCkVzYSpJIafSsrSsG-XnyixGuzzG17Pg1QQwFZqvC9oYsk6uN2963mGYLbMpUUnReV8zQQImqTWbCpAYUBX7WY2QR3CIJUkvGC4T_l4zk-6cphge8f5a5hFJ91bIf-Pk3k92OpFg77bB8I1TEG8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E5C7 42 B
64 B 26ms
25ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLMC7kAOcuqpTMxTdifne2cpEtWuhZIHQ2PtTr-hroCeNPZMkSIFSz1tJKXg7IryiqQvOv58XSaFfx_UOSppdIrAf6HDWpG0cs5n98o63ZV3D_yYlXWxDE1Hma_NwWI4tI7fjJpL8TEQ&sai=AMfl-YSUlaNXWiRy4DPG0BqiBX7m48on_2voBqaReVwJU87CwAP0NdNR-Xp4boEU_ecbGxfuxdI-Vqlucm55&sig=Cg0ArKJSzLzMDUEWmLjgEAE&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1980608376&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657732545212&rpt=1906&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 17:15:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.sci-hub.shop
URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Domain: kitbit.net
URL: https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hkvisa.net/	1970-01-20 13:50:28	Name: __gads Value: ID=c6e0bd181464f710-22ef4481d1d30037:T=1657732545:RT=1657732545:S=ALNI_MZYKh4M4la7DkuvjUdT0sUsRUj3nA
.hkvisa.net/	1970-01-20 13:50:28	Name: __gpi Value: UID=00000644e0baa6f8:T=1657732545:RT=1657732545:S=ALNI_MaXAYaySjyYWx-TOcsSJjIKsLbcVw
.doubleclick.net/	1970-01-20 22:00:04	Name: IDE Value: AHWqTUkRKaMPlJuv8QtLQiYVA9P6tz4q-w6GmW7bocYW1tC9SfXWmW2K8ul-xub7zwE
.rtbrain.app/	1970-01-25 20:31:23	Name: uid_cross Value: 6e90d31c-02cf-11ed-ba84-b280a31625d8
.rtbrain.app/	1970-01-20 04:28:59	Name: sid_cross Value: 6e81cf8e-02cf-11ed-b7c6-ba1ca36ecf07
.bidbrain.app/	1970-01-25 20:31:23	Name: uid_cross Value: 6e90d31c-02cf-11ed-ba84-b280a31625d8
.adingo.jp/	1970-01-20 05:12:04	Name: ID Value: fad1f5e7cf5c752329a399a5d38ded02
.agkn.com/	1970-01-20 13:14:28	Name: ab Value: 0001%3A0d%2BOlfZA%2BdP1X6%2BJpG1UNpbSH2wk7amk
.agkn.com/	1970-01-20 13:14:28	Name: u Value: C\|0CEAqYbpCKmG6QgAAAAAAAQ13AQCAAQpAAAAAAA
.mookie1.com/	1970-01-20 13:57:40	Name: id Value: 10598588407376223653
.mookie1.com/	1970-01-20 13:57:40	Name: mdata Value: 1\|10598588407376223653\|1657732546740
.mookie1.com/	1970-01-20 13:57:40	Name: ov Value: 81408c6689bc468b0fcdc1fdf9031cb3
.rlcdn.com/	1970-01-20 05:55:16	Name: pxrc Value: CML7u5YGEgUI6AcQABIGCOndKhAA
.rlcdn.com/	1970-01-20 13:14:28	Name: rlas3 Value: k/5L5d66VHScGTWyrCrDnqSUiBCQnk9mZI72s/vOj+Q=
.openx.net/	1970-01-20 13:14:28	Name: i Value: 9302ddc7-36c2-4b66-b048-0c727d2b3185\|1657732547
.quantserve.com/	1970-01-20 06:38:28	Name: d Value: EHMBCQHNJoEA
.quantserve.com/	1970-01-20 13:59:06	Name: mc Value: 62cefdc3-18955-e85e7-1cde7
.bidbrain.app/	1970-01-20 04:28:59	Name: sid_cross Value: 6eec3e3c-02cf-11ed-a2d5-1af5a834b99c
.casalemedia.com/	1970-01-20 06:38:28	Name: CMPS Value: 040
.doubleclick.net/	1970-01-20 04:28:56	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 13:14:28	Name: CMID Value: Ys79wxo2zPMnlNCAb-IpRQAA
.casalemedia.com/	1970-01-20 06:38:28	Name: CMTS Value: 041
.casalemedia.com/	1970-01-20 06:38:28	Name: CMPRO Value: 040
.yadro.ru/	1970-01-20 13:13:15	Name: FTID Value: 1Yplt32Hx9eM1Yplt3003MRU
.yadro.ru/	1970-01-20 13:13:15	Name: VID Value: 3UYUrp3nhCeM1Yplt3003MSv

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://sci-hub.hkvisa.net/(Line 417) Message: Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.hkvisa.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
agupubs.onlinelibrary.wiley.com.scihubtw.tw
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
g.rtbrain.app
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
img.sci-hub.shop
kitbit.net
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
sci-hub.hkvisa.net
share.pluso.ru
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
img.sci-hub.shop
kitbit.net
104.18.18.126
104.36.113.23
142.251.40.162
168.235.94.171
18.234.4.63
2600:9000:21da:2c00:19:fc2c:a140:93a1
2606:4700:3033::ac43:a162
2606:4700:3034::6815:3f4b
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2004
2607:f8b0:4006:820::200a
2607:f8b0:4006:822::2003
2607:f8b0:4006:824::2002
2620:116:800b:21:b08a:1dc5:659b:4055
3.232.145.71
31.131.252.90
34.102.128.115
35.190.60.146
35.190.90.30
35.227.252.103
69.173.151.100
88.212.202.52
06603234d02b4b3f1c0d7d1669a7b0b50a4cf81203b7c7c3dba4617c56429d7a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
12898b046a32b07eee86be288ef4076c76f472a03ebc62cc4c94bf3bef845699
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18a30c1599b31e9ec3ac3354bd41418e7e96847fd10fafaf656ca69d97c5be11
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2d39af6761e143a08b5c1612f0ee7d3395ad0ee0aa049edea75711f780f69ed2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
42010ba524f3ea737e3d41bb92a10c105625b4fb795dd519e0f67bfbc1903bcc
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
467604f1339295ef3861c54dc14e4f6cee9a7e72f207c72ef4a1499c86ac2291
46989820a9b0643099415ba7b00bd0e2e48ba06142c0b5ab3035818c2b303e0f
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
53e8da05d601bc86aa8d6148c2ffc61254f87660d3453c4df898153052cbb28b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69afd492783dd478cf9c25b608e684eec75b99938726974b4a878943cd09184d
7217d6a1e5f03329de1b3e3dbd79d566bf1a18f416e62c4be40b8c83bfb378b7
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
8451ebb9ccbf3241ebfbabd163130c40f35d08657ad2da037119674925c1e892
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89b02249a8c8f41eee9a90caa167d49345f20dbde31fb679c341f926323a7c32
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
914fd1ee31d6b2a73d115f71e9501924435de5fc34f784868669ffef53df19af
92135fa416172cc95a2060a05b4157e293e0ca65f042ea7fb8d79175ea8f4cb0
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
ad9634a32c6af2a96442c748b89ee7e33e7da853c55bf2e2bd0a91ce729a1838
b6c2fc04c13c6630cfe3ed0df75a34fe3a52299fdfe9703697c968c39196fd8c
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
bf7b1322be2cd54fc5d30dd0cf55c310a21d5cc55030dd34065cc9231c7292c4
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2f64c2d74052e843ecbfb847a65ea4610bcb1eac94b1c04808d5f14e7cd71f4
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
ca5d475b03e9d0b7f6f4582556362e6fd6d04f80efbd8dc4368b14dc4b1fafbf
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e625d13705033a156b8418ffcd3df8402f241b74e6a81e3e7455f18cfd4fcb04
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1175ed541da3206620523b17b435df203157471aa550e425fdc47354a6adfbf
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65f5abc4512269896cc7448cc534347897da84aeb16e2ac29f697dfe3986c20
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa3a9dd9c293a3d3ac79dc8c9c67ed48a2a3c1b390b37d6de7926759d3271ce6
fe8125d7ed75acc98b3748e92283c77de3428c08ab5a49a3b8d2c6b1bb8e7b38
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

sci-hub.hkvisa.net Open in urlscan Pro 2606:4700:3034::6815:3f4b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

84 %HTTPS

52 %IPv6

25 Domains

29 Subdomains

20 IPs

3 Countries

1535 kBTransfer

3387 kBSize

25 Cookies

4 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sci-hub.hkvisa.net Open in urlscan Pro
2606:4700:3034::6815:3f4b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

84 %
HTTPS

52 %
IPv6

25
Domains

29
Subdomains

20
IPs

3
Countries

1535 kB
Transfer

3387 kB
Size

25
Cookies

144 HTTP transactions
5 data transactions