urlscan.io logo urlscan.io
SecurityTrails logo

sci-hub.mksa.top Open in urlscan Pro
2606:4700:3031::6815:4958  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sci-hub.mksa.top/
Effective URL: https://sci-hub.mksa.top/
Submission: On August 08 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3031::6815:4958, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.mksa.top. The Cisco Umbrella rank of the primary domain is 719406.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 1st 2022. Valid for: a year.
This is the only time sci-hub.mksa.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

2    2606:4700:3031::6815:4958 (United States)

ASN13335 (CLOUDFLARENET, US)
sci-hub.mksa.top
21    2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sci-hub.shop
16    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
cm.g.doubleclick.net
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
3    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    37.200.67.211 (Russian Federation)

ASN49505 (SELECTEL, RU)
share.pluso.ru
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
Apex Domain
Subdomains		 Transfer
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
357 KB
21 sci-hub.shop
img.sci-hub.shop — Cisco Umbrella Rank: 389590
585 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
87 KB
5 gstatic.com
www.gstatic.com
33 KB
4 pluso.ru
share.pluso.ru — Cisco Umbrella Rank: 181049
27 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
r.casalemedia.com — Cisco Umbrella Rank: 713
4 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
3 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9467
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
86 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
914 B
2 mksa.top
sci-hub.mksa.top — Cisco Umbrella Rank: 719406
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
13 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
643 B
0 kitbit.net Failed
kitbit.net Failed
85 16
Domain Requested by
21 img.sci-hub.shop sci-hub.mksa.top
16 pagead2.googlesyndication.com sci-hub.mksa.top
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.gstatic.com
12 tpc.googlesyndication.com googleads.g.doubleclick.net
sci-hub.mksa.top
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 www.gstatic.com googleads.g.doubleclick.net
4 share.pluso.ru img.sci-hub.shop
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
2 counter.yadro.ru 1 redirects
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net sci-hub.mksa.top
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 sci-hub.mksa.top 1 redirects
1 fonts.googleapis.com googleads.g.doubleclick.net
1 r.casalemedia.com 1 redirects
1 s0.2mdn.net sci-hub.mksa.top
1 partner.googleadservices.com pagead2.googlesyndication.com
0 kitbit.net Failed img.sci-hub.shop
85 21

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
mksa.top
Cloudflare Inc ECC CA-3		 2022-02-01 -
2023-01-31		 a year crt.sh
sci-hub.shop
Cloudflare Inc ECC CA-3		 2022-05-23 -
2023-05-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.pluso.ru
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://sci-hub.mksa.top/
Frame ID: 2A779D39C573B80CDD916D373019BCA6
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Frame ID: 96EBE96E2A5AD69B82C21299779C1230
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&adk=1812271804&adf=3025194257&lmt=1659965912&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912160&bpp=2&bdt=595&idt=324&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2840376174394&frm=20&pv=2&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Frame ID: F371BD82D048AFE50EDCEBAB0BC5C4EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Frame ID: C07739CB312F3EB4650A69AD038E53BD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEJLZsbMDGM-fgs0BMAE&v=APEucNU1TrB1u0_uJIamw1CutCBADjM-QbWBaHSJjM7VQayT31xVbNqNkIBlhj2MfWUsq8dOolx1PlOzKmuq8oSD-b2GQxfzzl9JSz6fETHEZYCr1FBoI2CHEfkJlbSTydxwcdrDF-qH_GFhsjQEVIraKmYku_IHkKFmcDSQHMeD4c1at8BG_8s
Frame ID: BFB66101452857F621F7CE733768A5B8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js
Frame ID: 77339F1FA01EEA218CD5FF72F2066664
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9A88E90A54FBACB56276ED895F099B5A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3E7E2ACF07A4B3CEFFC4FC0362B87158
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BDF8CBA74DCC118C6B6304D6C83D9D72
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: FB654B913A1E2589490BC7FD225DCDDC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 295B3A4AEB2D83BB62FF309F809CB5D8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84A6309B8E39CF0F2823D44112CD64FC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sci-Hub

Page URL History Show full URLs

  1. http://sci-hub.mksa.top/ HTTP 301
    https://sci-hub.mksa.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

85
Requests

87 %
HTTPS

63 %
IPv6

16
Domains

21
Subdomains

20
IPs

5
Countries

1201 kB
Transfer

2549 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sci-hub.mksa.top/ HTTP 301
    https://sci-hub.mksa.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
Request Chain 44
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvER2fdBxTFT96EvnmHlDwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
Request Chain 45
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIVN8Snk4Ldg8cr2wyrPTd4&google_cver=1
Request Chain 46
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMDQ2MTE5NTUwNTY0MTAwOQ%3D%3D
Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 73
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sci-hub.mksa.top/
Redirect Chain
  • http://sci-hub.mksa.top/
  • https://sci-hub.mksa.top/
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9be8bca8e99d3e4df920b526377cdc77fe018083325fa9ca149dd4844b7b28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=43200 no-cache
cf-cache-status
DYNAMIC
cf-ray
7378a71f4a4a5c6e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 13:38:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 09 Aug 2022 01:38:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1dvEY5UyEKb0Z917Q0STuPzg1qCem2X5hxcifeu7MrWBKZggK5ap2HnZG7O1k%2FpuWtVewxYnrLs%2FZPKi2Pr4KiJFEjiBulMzlQlkusyuI2FrJeWLFrtfIW16HFh9H1bmMksA69SGGhu8YEDIxBX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-cache
MISS MISS

Redirect headers

CF-RAY
7378a71c2849911f-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 08 Aug 2022 13:38:30 GMT
Expires
Mon, 08 Aug 2022 14:38:30 GMT
Location
https://sci-hub.mksa.top/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxOK5BILyRXglEnbcT84jCK0imIAGpp9s2h1O4OnwwcJJxKAgWCuvMiEDwzJwtzt8E2nzwxWayM0Mw0lsUQKXPNCBlftKsTbkflip5%2FcL4ur5k7PVXhirQ%2FLSsUSSzpSLr9risxAVKKMSQN7Xlw%2F"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236862
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 30 Nov 2018 04:24:28 GMT
server
cloudflare
etag
W/"5c00bb7c-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mkq5viPj4xlprcpn4U%2FVzCVTc0IyKFg4ByTRyHvnIBr9j9gIKxJLTXREVDPhPJUoaDirZ5AvyVsHT%2B16mOZy5q2I121BDiS3PZPrgGo4q6Tj6KbUw1bgixdjIwckWZjdoaSXKAYkbeOwryGNnrwI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7378a7251c4e9293-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-ui.min.js
img.sci-hub.shop/scihub/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1502678
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 14 Dec 2018 08:14:20 GMT
server
cloudflare
etag
W/"5c13665c-3dee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2F5Myyul44kkIM3e%2BiZTjf0k391sF4OKoM9rIDTksOCiNaoAjFNWSe8j5VZ9yo0qiWz%2FFs28CTMVO0ko7aJFjDfAsmHupUDlNXSpGSu6HHPk2z10zaWpyFEXV5%2B%2F7skoL%2BhhIE2hVfG0Ce8EJ9cU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7378a7251c529293-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
openapi.js
img.sci-hub.shop/scihub/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/openapi.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236862
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 30 Nov 2018 04:24:44 GMT
server
cloudflare
etag
W/"5c00bb8c-1798d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud5cMuePMRXIIbQnx9mxl8OFQGGNeh4I%2B4etA5mY7qmpnMa1pM9Kt8%2BcjKy0xVQjmMmPMFxpK%2FFB8wDOg2%2FiFxrRUCat4XVpx7ucTLeGFknQcVePzVTDCvUMwVQnOf3Kou9QG1o%2F6yRWti8XmCDn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7378a7251c509293-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
medal.png
img.sci-hub.shop/scihub/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/medal.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236919
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22275
last-modified
Fri, 30 Nov 2018 06:13:38 GMT
server
cloudflare
etag
"5c00d512-5703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5CG6qRbNg93PuN%2B9IEtz4K8XATWxADN9KZOtrelBVeINIKj9RIvRUY2sXpbhV1kDQtqmZc6fg5xqA%2BSOB1xvOxYSofKe1F5E7x5xjxLWgXS22DOrcQ2y8s8%2Bp6xypcb7oIDnbU4QeR3jqx%2F9LzS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7254c7e9293-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
key_1.png
img.sci-hub.shop/scihub/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/key_1.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236919
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8428
last-modified
Fri, 30 Nov 2018 06:13:40 GMT
server
cloudflare
etag
"5c00d514-20ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y%2FVkUqxg4O5jz26rgEB01nDiroAIctDBoS1UhBrHJoHGGSx8zanghP5SKDECXSn0ghDGzQsI8iHB3rO6EeS2MOTeNFdIl36yZsbvhhYK%2Bo7Z6it81pc7hJIx3wY6QGIeN2SbN7qwU2yIDn%2FTHXe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7255c8a9293-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6eb7e497456d60d78ba389a1e92e3342238c4f8429dfc05c08fdc35950a4e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Origin
https://sci-hub.mksa.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57219
x-xss-protection
0
server
cafe
etag
8890957706929658354
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 Aug 2022 13:38:32 GMT
top-back.jpg
img.sci-hub.shop/scihub/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/top-back.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
188646
last-modified
Mon, 16 Sep 2019 12:17:02 GMT
server
cloudflare
etag
"5d7f7d3e-2e0e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DRIqX%2BfQsJkO3FYbewggyzEo5mBkfUHEs2e1DYNI9LIVghb9qpctYwt33v6kiJCgPCUCYVJBxM2ozMtFW2PCSMXdRq8a9T%2FgK%2BTf5KpTv0f0I%2BOnD05RFomj8eiQ1UlQFqVP2lOu1oTDIGQGuCn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7256e7b913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_en.png
img.sci-hub.shop/scihub/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/logo_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14556
last-modified
Fri, 30 Nov 2018 05:56:38 GMT
server
cloudflare
etag
"5c00d116-38dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmlaswQ42uW8TRdQUFog4LT756IKb%2Bjx%2FggxzjBSuCcD4khSpjumHq4jKc7JkDLE5n7VkzgbEtZV5HwWPy4gsoK%2FAoOiq7PctTpVk1dtcSYszk%2BIrhfl1TbhmK8mbV5cH%2FF0yDMpPzYr1UvRvLU5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e89913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
raven_1.png
img.sci-hub.shop/scihub/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/raven_1.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60144
last-modified
Fri, 30 Nov 2018 05:56:32 GMT
server
cloudflare
etag
"5c00d110-eaf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mv8S%2Frjdoxt2H6n9vAOzMek10T1cmXfZm6QdU6GIO%2FTXlIOzFpe5yxWcQSDSkaXW3COXI%2FcsVzxkYS7HtBVPyiUpg%2FxZEhIRkbxBFpGAHwRUItiNozTqo0L%2Bs10jNZYejh6dad6pnOy51JU0oZv4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e8f913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
map.jpg
img.sci-hub.shop/scihub/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/map.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55605
last-modified
Fri, 30 Nov 2018 05:56:52 GMT
server
cloudflare
etag
"5c00d124-d935"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oP88mxf2v3RJRlS9FtrLduPQJhc08QkuP%2Fht8dqaUexj%2BXRdoBIygtzOVX4ETklHIL0P%2Baj%2FHSaFY9o6cc9OkAowgx4BgbDjx0EsJh4tJ5y0ajbi%2FPm%2BkUhmL2D9b8UTFAp1ob2CnFwPeN7pQ0dv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e90913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
about-marker_en.png
img.sci-hub.shop/scihub/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3361
last-modified
Fri, 30 Nov 2018 05:57:02 GMT
server
cloudflare
etag
"5c00d12e-d21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjIx8ZFEZu8bI0hoIfeDYXIcswQP9F8DrYki8uqAwjPrCgwxZ5Dn7OrTxrGqIKpob2qxhEFUm0ep5ky4hcN9tM8fbBN76JhajcIznIqn4g3Lb9J30PafctvKzekIkPMY4w5NMZyGWE9whXevwF%2Fy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e91913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
quote.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quote.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1068
last-modified
Fri, 30 Nov 2018 05:57:12 GMT
server
cloudflare
etag
"5c00d138-42c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSgV9UM8c3sQuet9p5zbjYpRImDPhUC0fQj8iGuq18c7SCApQ2IMlazt2x6AXl3bRjXOhu1Frup9TrnlRV9NGsy4a%2FTiHJTgDzs2iMcB%2BOpBNHZC64rt8UtoXLYPMUSmxeHI6KA%2BAIj55ie12r9P"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e92913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
quotenext_en.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1087
last-modified
Fri, 30 Nov 2018 05:57:18 GMT
server
cloudflare
etag
"5c00d13e-43f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSgtFQ0PAablfqE2M7ypr9i15n3vTaA%2F8mZM2Oux1abK9tr%2FkRHcj2%2FptwkZily1sXXjSRnKVfD%2FFg7L5CW5ghLxKvBB51I9NcAcGQMvgXhVVo%2FFb6faeDDHBMpgAhEDF3EGxrLZHEQ%2B747%2B2%2FDD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e96913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pone.png
img.sci-hub.shop/scihub/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pone.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1637
last-modified
Fri, 30 Nov 2018 05:57:24 GMT
server
cloudflare
etag
"5c00d144-665"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cb0PeaU%2BchxSvt1y8KDN3aIugSkYzoYnpJ%2F1GmtEt7jGyK6R32pmlOV61gFcitmWH0LxUOszuuyKIuBCcZQV%2FadlCs0w7omkGcdhqFahAa8glSFIK93UL%2BAVaFtrogvWd2%2B02KN4dCTA0WVJxc2W"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e98913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ptwo.png
img.sci-hub.shop/scihub/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/ptwo.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3907
last-modified
Fri, 30 Nov 2018 05:57:30 GMT
server
cloudflare
etag
"5c00d14a-f43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tw4UlcjkelvX%2BTM%2FovSWDfl35QSkty%2BdiKS%2BcHnXLmBc1jMC7SdmDVRvruTAhMy%2BuEkcXgqO%2Bpdc9hB%2BNKFriczRmWf2AlEYZYzQdO2oBADhx94WQFiOLjMV6uT4I8xQ7JuA82%2BIS3LLRr2YRPRk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e9a913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pthree.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pthree.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4278
last-modified
Fri, 30 Nov 2018 05:57:36 GMT
server
cloudflare
etag
"5c00d150-10b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrHcSJ6Rb%2BXf5MNFdXJAadwQp1ONU06JRBK8VQ2jotfJjc%2FP2afsNEHtJSarRPX%2B655uBQc1owjKlBdPYrP7QE3WBg6LHdYnfP6BMgR4Ry%2BKTErAbwtyMP0CsxZ1%2B09Rhv7mN7gPQ1mYIragt3j3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a7257e9b913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 		0
0
people.jpg
img.sci-hub.shop/scihub/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/people.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51212
last-modified
Fri, 30 Nov 2018 05:57:56 GMT
server
cloudflare
etag
"5c00d164-c80c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuBKt%2FQYeVQNn8Jq982w9RGyiWxN3%2FDSR4%2BOcU0CbjovXCMXK3ClKgXeqsjGbB2ExFvJUkqTwS36KGj%2FXQXntWdKWI7U%2BDDZpnYbvCfQMVfMVxwZgFdvaqhMd7TC%2FHIbj1So%2BfLliSQFr%2BhyQ8yc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a725aee0913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
join_en.png
img.sci-hub.shop/scihub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/join_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6197
last-modified
Fri, 30 Nov 2018 05:58:24 GMT
server
cloudflare
etag
"5c00d180-1835"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pr5Dq%2FyTc7I4oBBcwkBU0txKg7XEWUa5Ilu5rsiWRpK37wtV15TpfqCz1AmpJGiKdDDTLokxvfYFbK9eYpR3VtuP5YsGGZoUkAp5XV3nOGxgLFF7S76lLiPt0rB%2BD1kPYEMOiv%2BjzY%2F0o1JRcVhi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a725aee2913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
joinvk.png
img.sci-hub.shop/scihub/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinvk.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17834
last-modified
Fri, 30 Nov 2018 05:58:30 GMT
server
cloudflare
etag
"5c00d186-45aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxwhGUC2jj5JoIjwkIQ%2BoE%2FP8C%2Fm7LUX1uaMF6Law81LK7SvuHOmz7K9hrols40b7BVlV9bKwIiR5lyqhZGcC66BUqiIb%2BKg6k7etzV%2BlV48OQVbxByw%2FN2XpJrUgWaIUtW6LngbYABy5Q3selI9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a725aee4913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jointwitter.png
img.sci-hub.shop/scihub/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/jointwitter.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5751
last-modified
Fri, 30 Nov 2018 05:58:42 GMT
server
cloudflare
etag
"5c00d192-1677"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBBjNKcvHliAwjsrLAXSlmj8V6pAgzqLJIy6Cz%2FCTABtow5rr%2FGsWUnh7U2%2F41Pl2XGhi2WX2IDwaJE2SBm%2FfKeO%2BK8TOoySvKiTjRJ2R7PhH8OPU8dSn7nw0Yr4keS4gqNYfQ%2BjH6qmxp5pWu%2BL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a725aee5913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
joinfacebook.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4152
last-modified
Fri, 30 Nov 2018 05:58:36 GMT
server
cloudflare
etag
"5c00d18c-1038"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGwDp1UFG7A5POOlJkUmqcKMLwZbLUChxf43ukMwbk5%2BosFa6k%2BqZTHvMc3n%2FDYcoFmEXUIOWe0svi8q7c9b7tE3QC%2BFn9suhP7GbPbKsTeWyDO%2FbV7V71Yr%2FUGgFuAIb4DLwsM7UDlDpptZRHtF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7378a725aee6913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pluso-like.js
img.sci-hub.shop/scihub/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/pluso-like.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1236932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 30 Nov 2018 04:39:20 GMT
server
cloudflare
etag
W/"5c00bef8-a5cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6HmmKRCqsTtOZXFW5vZsIn%2Br7afWBUEDhqZb4menox0edyLffD1W3uPpns8u31RwcgxDWYhBise8WpCaagt94oGMpxZ8Sgz%2BjbnDqLXUeyQjjvo8rWNlydW9FrDUHxksm5xi51%2FrJX0hE7cChWT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7378a725bef3913d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/ 		339 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba07c8e43fed61c334d613db3ec03b0169d976d158d172d6b3eafe45bb23c2ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122293
x-xss-protection
0
server
cafe
etag
1301530118334241835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 08 Aug 2022 13:38:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/ Frame 96EB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 02:41:30 GMT
etag
8616628553774171045
expires
Mon, 22 Aug 2022 02:41:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		212 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.mksa.top&callback=_gfp_s_&client=ca-pub-5200551945029930
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8124627ac5e80d7d065344f655924118b3a2e8c6b056313d0acabbc50e8ebec6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sci-hub.mksa.top
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 13:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sci-hub.mksa.top
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 13:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsci-hub.mksa.top%2F&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F371 		127 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&adk=1812271804&adf=3025194257&lmt=1659965912&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912160&bpp=2&bdt=595&idt=324&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2840376174394&frm=20&pv=2&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
686d1230f45a62a91392487950b14ee262e98e7e968dbb1b35185aba9e58fb0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
39127
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 13:38:32 GMT
expires
Mon, 08 Aug 2022 13:38:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C077 		94 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
406c64e330dd6ebad4f933d1c6a248447bfde88a66c49fa65858790dfef10df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
38398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 13:38:32 GMT
expires
Mon, 08 Aug 2022 13:38:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame C077 		67 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 13:58:10 GMT
x-content-type-options
nosniff
server
cafe
age
85223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
2462972746714251406
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Mon, 08 Aug 2022 13:58:10 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/ 		150 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/reactive_library_fy2019.js?bust=31068774
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39af430da84d8dc1c1a461cee5036e3af8c61cd9a728d5e6c32fa601f78647d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54864
x-xss-protection
0
server
cafe
etag
2006831840570534256
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 Aug 2022 13:38:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BFB6 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEJLZsbMDGM-fgs0BMAE&v=APEucNU1TrB1u0_uJIamw1CutCBADjM-QbWBaHSJjM7VQayT31xVbNqNkIBlhj2MfWUsq8dOolx1PlOzKmuq8oSD-b2GQxfzzl9JSz6fETHEZYCr1FBoI2CHEfkJlbSTydxwcdrDF-qH_GFhsjQEVIraKmYku_IHkKFmcDSQHMeD4c1at8BG_8s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 13:38:33 GMT
expires
Mon, 08 Aug 2022 13:38:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame 7733 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9503
x-xss-protection
0
server
cafe
etag
7252816286414963076
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 13:25:33 GMT
14749832593501109847
s0.2mdn.net/simgad/ Frame 7733 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/14749832593501109847
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb0af33824974ff2622514a3bd7b390779111e3d2aa0e1369514a04bd3e44808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 21:52:17 GMT
x-content-type-options
nosniff
age
56776
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13047
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 16:13:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Aug 2023 21:52:17 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/elements/html/ Frame 7733 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 09:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 09:34:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7733 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvo1j9Hp8JvpMAaLitN5OqK_hYSK6iyFxa7HwpgOWYJUxEsNIPUr6gd02vgr8z7bH-Jbx3v-fR797CyHZfhEy82Ay1_R0mlUBsbgkuMYuUv-gAieIipn2EEiUjDNE5EmtSZp6C_7Nzf2PU3aJkWisWBD-CPCrmN7qyWDyDgUkUEn3NWjjHGic-B5bjZX2xjhqmqaGSilSzdtXKwsDjyeyEg7WQEIUV88dwVkuYVJWpP_ZKziaOiAJvTIYoSphkXtcbmXnw7WL7_rh4zjb_YDx-Re6GOKTnAU5O4xdRO02DQxgSYGnurSM6PJDywf8CfAZx6QWC4dnvp2ippKZzF6ItHLQ_Aun_Z__J69nkpzJfCSSCnkRw1KRnmaR7wNJEmY30o6pJE3OQNmPkufWbcvN94H0AO5xon5ly7waijdbtKrWnBBGQe0MP5Cj5m03UbVQUNUHObhgelzrf3j9i_XtSjh3mv0igusEslB_XQ4bv7R4poA6rYBWmKDkAx8ZVOlxOwrB2mc1G5jX1fPaGGyUPSeBN6wqxr_qRmCfQaFeSu7qwVmSqMrzE2_wkZGx5eiCCDn3zrwxpwvUc4qfI1wfJhVu6Bc_V-K_AljKf-Eog6KMHCdtVgrJjYibNTn8U7tVYVsJ9ehNeJHLlbRLOMW8N4NeSzJmtg4WWvYEiFcSkm0HNRnUSjKCXK3XVvuYVrTg3mECkxCao05ufU7JNCtGar8JWs6Us4bh_MH5jd_IlZh__HyYRzUKTjO93Rjd-4iSls-3nUTncmQSeCXQvKtgs84faOYQL0b8T5Jg3UH7x4zIjLvz4PUh8U2FxD23EuXahBY-qz58YTFhMPt8p6rn5E1IjajW_k-pkJkX-ulwAYZv31BfsFRddMnw5dyMrlC1n515Zm7Jv7ll34W-ujVkenAys8w6So3cl1jjgbUT0Sh7ACru_NU4yzQh_YS4ijGyn_e81ZSi_j68FG9lY-qEg9x-DhKahi_SbzZNTQwxv1fITaQxNEy_I15pfq_QOF8IMveMK1kXY7KK6v6YKgR0NY497VxXGESRg1s8792daQ6rvzt0lmLujdAO-vyC0GcCMnu9CRpgj-fhJTl97J4fYWuSGupQMkXUUE0JbSfdVRc2Wj_3gwR45Z7IApHtr0Aat0u0FbW103iWBLPlvhWNjQ&sai=AMfl-YQFa__-9WKrHzf6SokurrHCGnYSkWpRATuKpQY3yUefW06VNgunvD3Z6vSCPnqLlJ_xiRuQ_hWzNaW1pzoBkfDzoKIl6mdyed6FBgH9T0qGBIYN8WfrVHZ1jDFTIELjMgFHLyaLuk0_hDsmV39ZMEj8VBNzHdz-95Q_PzXAQK96dIw45o06mV4&sig=Cg0ArKJSzLNx9ZbNJJ4UEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220803.54556&adurl=
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 08 Aug 2022 13:38:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7733 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
335548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Aug 2023 16:26:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 7733 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 13:31:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7733 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 13:38:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 7733 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 13:31:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7733 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A62AUJZJCcc__BX6FWu-5jptDKHT-sVdhiqAYrrjFJ1b_S2Ic9FAFiQq_3C_kvZ8GitdWnaBvJI3Yv5lY1brL_UH9NAVqidHebGTt_sgEoC6PzWYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BFB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEJLZsbMDGM-fgs0BMAE&v=APEucNU1TrB1u0_uJIamw1CutCBADjM-QbWBaHSJjM7VQayT31xVbNqNkIBlhj2MfWUsq8dOolx1PlOzKmuq8oSD-b2GQxfzzl9JSz6fETHEZYCr1FBoI2CHEfkJlbSTydxwcdrDF-qH_GFhsjQEVIraKmYku_IHkKFmcDSQHMeD4c1at8BG_8s
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7378a72e3e1890bb-FRA
pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFnDUwgZiIsdl8vjFsLbB%2FzA4ySjSXFuen%2B%2BpKij6bJ2b5TtUwAZKbMihO5SJhNlq%2Fcpc0sZGKSVQhJtnwxJhQQaCL%2FYUsmVbI81h0TBSfMm%2FZOI0cgIdZp%2BXcL82GOSOvLiU9gGMquEwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BFB6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvER2fdBxTFT96EvnmHlDwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEJLZsbMDGM-fgs0BMAE&v=APEucNU1TrB1u0_uJIamw1CutCBADjM-QbWBaHSJjM7VQayT31xVbNqNkIBlhj2MfWUsq8dOolx1PlOzKmuq8oSD-b2GQxfzzl9JSz6fETHEZYCr1FBoI2CHEfkJlbSTydxwcdrDF-qH_GFhsjQEVIraKmYku_IHkKFmcDSQHMeD4c1at8BG_8s
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
7378a72f5ef790bb-FRA
pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXpl%2B933X%2B1DU%2B%2BexNNtgUXktYl7x5Az9JXPKaJiY%2BnPCy%2BPvrRTcTJD341IAD%2FLS2eOc2t3wN7T%2BRpezyCn0c3RYuBU8kAISUwEsx0DcqJvtR3H6QDcIn2mMFCrgB8v2UXXu4LkJN%2F%2F%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMmx_qZOIdhCDlbP3AGR7ZY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BFB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIVN8Snk4Ldg8cr2wyrPTd4&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIVN8Snk4Ldg8cr2wyrPTd4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEJLZsbMDGM-fgs0BMAE&v=APEucNU1TrB1u0_uJIamw1CutCBADjM-QbWBaHSJjM7VQayT31xVbNqNkIBlhj2MfWUsq8dOolx1PlOzKmuq8oSD-b2GQxfzzl9JSz6fETHEZYCr1FBoI2CHEfkJlbSTydxwcdrDF-qH_GFhsjQEVIraKmYku_IHkKFmcDSQHMeD4c1at8BG_8s
Protocol
HTTP/1.1
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 13:38:33 GMT
X-Proxy-Origin
185.213.155.177; 185.213.155.177; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ff40d14a-dd3c-4f0a-bed4-d78a8918a5a7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIVN8Snk4Ldg8cr2wyrPTd4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFB6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMDQ2MTE5NTUwNTY0MTAwOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMDQ2MTE5NTUwNTY0MTAwOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOriuECEJLZsbMDGM-fgs0BMAE&v=APEucNU1TrB1u0_uJIamw1CutCBADjM-QbWBaHSJjM7VQayT31xVbNqNkIBlhj2MfWUsq8dOolx1PlOzKmuq8oSD-b2GQxfzzl9JSz6fETHEZYCr1FBoI2CHEfkJlbSTydxwcdrDF-qH_GFhsjQEVIraKmYku_IHkKFmcDSQHMeD4c1at8BG_8s
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 13:38:33 GMT
X-Proxy-Origin
185.213.155.177; 185.213.155.177; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a4ff1e78-5f31-4fbc-9219-2ef87de9a4dc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMDQ2MTE5NTUwNTY0MTAwOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sci-hub.mksa.top
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sci-hub.mksa.top
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/ Frame 9A88 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 02:54:42 GMT
etag
8616628553774171045
expires
Mon, 22 Aug 2022 02:54:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3E7E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
335548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Aug 2022 16:26:05 GMT
expires
Fri, 04 Aug 2023 16:26:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 9A88 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:55:37 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 9A88 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 21:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 21:54:07 GMT
cbe1efddb302f605da3fa48f2d8380b0.js
www.gstatic.com/mysidia/ Frame 9A88 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cbe1efddb302f605da3fa48f2d8380b0.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2eaac5c0600c2978475f641c7ae004ce88dd3abbcee6226504b3ae32bd8f4ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 21:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7953
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 21:04:12 GMT
css
fonts.googleapis.com/ Frame 9A88 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 13:01:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 13:38:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 13:38:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 9A88 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 13:36:11 GMT
a44a0b8f447061e92ca19622c4392a02.js
www.gstatic.com/mysidia/ Frame 9A88 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 06 Aug 2022 16:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2233
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 04 Nov 2022 16:51:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame 9A88 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:31:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9503
x-xss-protection
0
server
cafe
etag
7252816286414963076
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 13:31:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 9A88 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 13:31:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A88 		139 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43822
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659527892023609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 13:38:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 9A88 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:31:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7643
x-xss-protection
0
server
cafe
etag
5476907727954993956
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Aug 2022 13:31:07 GMT
feee445475856395ba7fe4dbc8183291.js
www.gstatic.com/mysidia/ Frame 9A88 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/feee445475856395ba7fe4dbc8183291.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:47:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7733 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvo1j9Hp8JvpMAaLitN5OqK_hYSK6iyFxa7HwpgOWYJUxEsNIPUr6gd02vgr8z7bH-Jbx3v-fR797CyHZfhEy82Ay1_R0mlUBsbgkuMYuUv-gAieIipn2EEiUjDNE5EmtSZp6C_7Nzf2PU3aJkWisWBD-CPCrmN7qyWDyDgUkUEn3NWjjHGic-B5bjZX2xjhqmqaGSilSzdtXKwsDjyeyEg7WQEIUV88dwVkuYVJWpP_ZKziaOiAJvTIYoSphkXtcbmXnw7WL7_rh4zjb_YDx-Re6GOKTnAU5O4xdRO02DQxgSYGnurSM6PJDywf8CfAZx6QWC4dnvp2ippKZzF6ItHLQ_Aun_Z__J69nkpzJfCSSCnkRw1KRnmaR7wNJEmY30o6pJE3OQNmPkufWbcvN94H0AO5xon5ly7waijdbtKrWnBBGQe0MP5Cj5m03UbVQUNUHObhgelzrf3j9i_XtSjh3mv0igusEslB_XQ4bv7R4poA6rYBWmKDkAx8ZVOlxOwrB2mc1G5jX1fPaGGyUPSeBN6wqxr_qRmCfQaFeSu7qwVmSqMrzE2_wkZGx5eiCCDn3zrwxpwvUc4qfI1wfJhVu6Bc_V-K_AljKf-Eog6KMHCdtVgrJjYibNTn8U7tVYVsJ9ehNeJHLlbRLOMW8N4NeSzJmtg4WWvYEiFcSkm0HNRnUSjKCXK3XVvuYVrTg3mECkxCao05ufU7JNCtGar8JWs6Us4bh_MH5jd_IlZh__HyYRzUKTjO93Rjd-4iSls-3nUTncmQSeCXQvKtgs84faOYQL0b8T5Jg3UH7x4zIjLvz4PUh8U2FxD23EuXahBY-qz58YTFhMPt8p6rn5E1IjajW_k-pkJkX-ulwAYZv31BfsFRddMnw5dyMrlC1n515Zm7Jv7ll34W-ujVkenAys8w6So3cl1jjgbUT0Sh7ACru_NU4yzQh_YS4ijGyn_e81ZSi_j68FG9lY-qEg9x-DhKahi_SbzZNTQwxv1fITaQxNEy_I15pfq_QOF8IMveMK1kXY7KK6v6YKgR0NY497VxXGESRg1s8792daQ6rvzt0lmLujdAO-vyC0GcCMnu9CRpgj-fhJTl97J4fYWuSGupQMkXUUE0JbSfdVRc2Wj_3gwR45Z7IApHtr0Aat0u0FbW103iWBLPlvhWNjQ&sai=AMfl-YQFa__-9WKrHzf6SokurrHCGnYSkWpRATuKpQY3yUefW06VNgunvD3Z6vSCPnqLlJ_xiRuQ_hWzNaW1pzoBkfDzoKIl6mdyed6FBgH9T0qGBIYN8WfrVHZ1jDFTIELjMgFHLyaLuk0_hDsmV39ZMEj8VBNzHdz-95Q_PzXAQK96dIw45o06mV4&sig=Cg0ArKJSzLNx9ZbNJJ4UEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=160&vt=11&dtpt=159&dett=2&cstd=0&cisv=r20220803.54556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 13:38:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 7733 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74d210b9ac06bbc87d26d9f50584bfe9dacdcc09ff958b9524a6699c7725915c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 3E7E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
6535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 11:49:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAAAUQDAECg0QKyEAAAAAAAAYQDABCg0QAyEAAAA4M7NtQDAEEhpDTHJhdmZTdXRfa0NGUWprN1FvZEwzNFBwUSIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cbe1efddb302f605da3fa48f2d8380b0.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BDF8 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3561
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 12:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame BDF8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 13:38:33 GMT
expires
Mon, 08 Aug 2022 13:38:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 13:38:33 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame FB65 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
6535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 11:49:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A88 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEmJhbm5lci1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QDSEAAAAAwJm5PzAECgkQHioDMHgwMAQKCRAZKgMweDAwBAoNECshAAAAAAAAIkAwBAoNEBAhAAAAAABoskAwBAoNEBEhAAAAAAAZ1EAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAA0My8b0AwBAoNEBQhAAAAAICr1UAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAAAAABIc0AwBAoNEDIhAAAAAGhm5j8wBAoNEDMhAAAAAGhm5j8wBAoNEDQhAAAAAGhm5j8wBAoNEDUhAAAAAGhm5j8wBAoNEDYhAAAAAGhm5j8wBAoNEDchAAAAAGhm5j8wBAoNEDghAAAAAMzM_D8wBAoNEDkhAAAAAAAAREAwBAoNEDohAAAAoJlZREAwBAoNEDshAAAAODOzb0AwBAoNEDwhAAAAODOzb0AwBAoNED0hAAAAAADAb0AwBAoNED4hAAAAzMzcckAwBAoNED8hAAAAaGbeckAwBAoNEEAhAAAAaGZec0AwBBIaQ0xyYXZmU3V0X2tDRlFqazdRb2RMMzRQcFEiFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoAw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cbe1efddb302f605da3fa48f2d8380b0.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E7E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5abk2BHxYsGCKJmOjvQP97C3gAcAAAAAOAHgBAI&bg=!QkGlQQXNAAZGjrx1Zo47ACkAdvg8WtQ_gXGN-aKllkeuaAe8Ui2vpGyvB9wbDq-DX39fqf0gKeljPQIAAABvUgAAAAJoAQeZAypYGW-sqqeAZiA6K7NhPk626cKI_zNtoUH9W1lO6MrkDeP1Fh-hwf3Rrdw-RW3QVKDqiX4yR_kraljdsLih6MPKRyyq2OHVhsmO3q6TR3OSw0_qTIY7KuDgzafbzu4m_ZL3uJjq-TEnExFr2es_pvDCWGBfC5TLoHPC21bD6boYgvbUK-rZe5egwFF9_yyy1WRyzZLgeTYErXKGJtZfppkeNiFOQJB-Xlbc34EE7W13Kcy4Ee0IjCsvyaTn53jB68RgErdG-Wf9cHX9ybt9nD6mRAKCWq1LfMFc8t3Uf_2T3vhcJTNg_QmcUx6qPAEX3crogt-KYqjHey50nFTxK3GNnli2jPeB3Uyd--ljpA3F-aQgCqNfDHNjFyg746nQXkTqdho_D7lq7EqEiV1sbGI1skoHBgVrMdscbi7hUB6_V8YZJp7Da1J4_auPMMY392tsrsbfTTAzrcdNgkM-1zgIIO4sRdjQkMWKCpPAVW_xZbxwIKeJcDZj23ztaJoRxELRXg3SjKN5pEUIrXHp6Ymv8CfcpGidpQxci_RsJclgu2vcochleOG1_Cn-L5Em-6O2mtzynyLZdnQ1rsHEik8UoiBW78BLfYb58VrlEqF47OmRsNKHdJJFfDdAnpVrOUwYPyzTI36zQ20ZcWGvwoKWpoz-SwqTq4T3iCMN5sB1nZsxMJOqeiuE6BGpYMocDKN9Ybp1y3V-dH3HYkRnUp8N-eBAuRXgAc03v2Vvvv8T8eVATj4yH4YU3O2EhFtqgoiA0Z3W7POnSWhhtfGQS07V2nLbseyrPzyGIzkRogLN9SsMk7aV4RGhaTP4MIwmM1goaC8hfxMRwX5E6G6Az0gbXaiHrmfgxz4cKASdF1Otl6_f3oDftNFl6hAP9YC3SEsMW4VHN4qAXevhhv_9l2gwjGLRJ606ZZsGRAcd6CpPFVkb6nKGmBCiv2rpNdqrf6UhaYebd8b-eK1yWquP0r4LBJiWiMaf-TnnRwVYj2jsj19abeYKpR-4LAHgEnfG0QzjttWKQT0Djn2-OcOJ5r1HYCtQV4TvHvv-eg3F2fEuJVuBd-0XeN00Cn8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1659965912&rafmt=1&psa=0&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659965912162&bpp=2&bdt=598&idt=338&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2840376174394&frm=20&pv=1&ga_vid=1116867882.1659965912&ga_sid=1659965912&ga_hid=1853809421&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068774%2C44764001%2C31064019&oid=2&pvsid=1398026385403346&tmod=641095211&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8Tw7Kcb2st&p=https%3A//sci-hub.mksa.top&dtd=342
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 13:38:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
process
share.pluso.ru/ 		120 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=LNA5LClrW8qqKNfe&first=1
Requested by
Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
4ea54c9bb9163e28919bf9980cb41e040cc4815347b3e861b76af6ade6ff3886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 13:40:35 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
application/javascript
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
120
X-XSS-Protection
1; mode=block
process
share.pluso.ru/ 		120 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=wTundefinedEW5XOxuvGmNA1
Requested by
Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
4ea54c9bb9163e28919bf9980cb41e040cc4815347b3e861b76af6ade6ff3886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 13:40:35 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
application/javascript
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
120
X-XSS-Protection
1; mode=block
hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 13:38:33 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 07 Aug 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 13:38:33 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 07 Aug 2021 21:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220803&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e0a47e3fa5aed39585290ca4d350a56eb91cd3a06456d27ef6210c97453aba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Aug 2022 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10502
x-xss-protection
0
06.png
share.pluso.ru/img/pluso-like/square/medium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://share.pluso.ru/img/pluso-like/square/medium/06.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 13:40:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2015 11:02:40 GMT
Server
nginx
ETag
"552ba250-5b8f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
23439
X-XSS-Protection
1; mode=block
plus.png
share.pluso.ru/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://share.pluso.ru/img/plus.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 13:40:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2015 11:02:40 GMT
Server
nginx
ETag
"552ba250-98a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2442
X-XSS-Protection
1; mode=block
kb.js
kitbit.net/ 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31068774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 08 Aug 2022 13:38:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 295B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1360
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 13:15:53 GMT
expires
Tue, 08 Aug 2023 13:15:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 84A6 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
840c8abfe40790d0c987bf1e7766ef178fa90fc06e59795bcb1c0bf73c633fce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sREqL2N0NHwJnyxAKxBUiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-sREqL2N0NHwJnyxAKxBUiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 13:38:34 GMT
expires
Mon, 08 Aug 2022 13:38:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 295B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:49:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
6536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 11:49:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 84A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220803&jk=1398026385403346&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 295B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gzGyFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220803&jk=1398026385403346&bg=!yMuly4_NAAZGjrx1Zo47ACkAdvg8Wiz4R9vjp5GgccZ_kjolzKdtsy2PlYVY2d6vGTeZXDMpfvvFDAIAAABpUgAAAAJoAQcKAIsFpDoA7lj9nYiNwAndqiVtKlCrx6KR07I_4fEF1VsDQZQ72_F6Dq96lWu5WYec8mFwIliSg6iqQGyqgPr9VZ5QKqrm_Ck2C0lcEJpi3UCoLZx4F8JiEmUzAE1FIyXuRUjxbEw3bWzqgJ3XMmj83ifT0-ABnlITKtgqxl2NpXxhbKTrVtgayNRRKCgImQLGfPYKwK6a1AYdwuUr5CHQptlN8QEDQgM3ADpzFtAzIrFj_HbtEIZ_Yih7QZh-zTKezVW_7US0iAJ7Oteb4ZoL9Brp--KX7SnpFqQeCkme0NwXicTKLnpx_oFLPGoSdFAylHraLieX9LXcdfQ1mmUTQzJXaKpYbJGQ33wtPjn_qrSRYyK7H-xogS0J07SpG_tOdhFV5RHAu9M6-gQHMpadRsCmxEaZQ5jP8dZTz8c1JPi4CKYVdhdNsiDnplFYGMOziEETj6a_JFVtW9uuIulovLFhuQFvJBoR5jy3-l2TyurhB3ndsSsLYiHP80Dw4cfx25bm3RiFMHTQjS7BLDHHPY_0T0Q2yRtVwE1yrwmb6dJrKc6or238EH_p90TwwSGuiaJj63I29ozM0vkwsDjFIz8WrqesuA_VYOXFybBjOH51__WB3WHzvdriM_KcghSUii4uw458Wskyk2UDUEbilELTZVpEkXZy0hWvhPMsQpNLGkp8gQZgGlZLec2Qt647AkKG_A1CLH_21AT2zHQeLDYhpP1tTBGUypjwQkaZhU9cBgaFvFN0Qj0AWp6VR_1U0BtOOGFSW0YrIEg5yg3jDdWaF2jRIavsF1vlN7w3nIBRgPvx6UQ-BiAvSw5PpLUWwJpacEaFvPU1gl25_dYiIgfsKZDL34yryC2GdKy_I_CCffGssvefv702ABaxnGos1n2SLxrWxSHcU6kWkGXCZcomGpFNCXnSp5bc38VOXv0cN27CzvmXLkrWEYlYbovr7igt0T_flUNyjHQ976x8OlDpKhhqCct2LVZZxDIbdDIjs0LObzyOghOuDs1sx8fYSzp6x7ziFFIoUfMt9V_-QCJcvUGRwUNs0behSbhZCWmCraRixzxnXllutSaMUcGRCE8UeYbPxYR8z5Vo0mlBbC0DK3XMtVc0UcZw9Pz086gpNvRoY7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sci-hub.shop
URL
https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Domain
kitbit.net
URL
https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go object| adsbygoogle number| ifpluso object| pluso object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| k string| pt object| s object| GoogleGcLKhOms

13 Cookies

Domain/Path Name / Value
.mksa.top/ Name: __gads
Value: ID=d530887bf534f865-225fa83eeacd0026:T=1659965912:RT=1659965912:S=ALNI_Ma1lSwEyD9UP7O4iaQ6Whf0iYXfuA
.doubleclick.net/ Name: IDE
Value: AHWqTUmzKrKt8ncKu72GStuflM7-yqbt47ocHrjob1LdjulyCXvWm2PYDCn7gMM0
.adnxs.com/ Name: uuid2
Value: 7210461195505641009
.casalemedia.com/ Name: CMID
Value: YvER2fdBxTFT96EvnmHlDwAA
.casalemedia.com/ Name: CMPS
Value: 1218
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVPKkT.S!@wnfH8K6pQK`!5=E<*L5?%K<gl1Mr3EJHr02FhYfNhg[0r3jW:/`7j/Pg@p*bpRz*qF1`*b^f'*!_i_
.casalemedia.com/ Name: CMPRO
Value: 1111
.casalemedia.com/ Name: CMST
Value: YvER2WLxEdkA
.casalemedia.com/ Name: CMTS
Value: 1180
.casalemedia.com/ Name: CMRUM3
Value: 2d62f111d92760CAESEMmx_qZOIdhCDlbP3AGR7ZY
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yadro.ru/ Name: FTID
Value: 1YyH7P2h0quN1YyH7P0033NR
.yadro.ru/ Name: VID
Value: 1N2OaS0fVcON1YyH7P003NZR

3 Console Messages

Source Level URL
Text
javascript error URL: https://sci-hub.mksa.top/
Message:
Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.mksa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271802&client=ca-pub-5200551945029930&fa=2&ifi=3&uci=a!3&btvi=2&xpc=hsuMiNmxsU&p=https%3A//sci-hub.mksa.top
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
counter.yadro.ru
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.sci-hub.shop
kitbit.net
pagead2.googlesyndication.com
partner.googleadservices.com
r.casalemedia.com
s0.2mdn.net
sci-hub.mksa.top
share.pluso.ru
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
img.sci-hub.shop
kitbit.net
104.18.19.126
142.250.185.66
142.250.186.162
185.89.210.101
216.58.212.162
2606:4700:3031::6815:4958
2606:4700:3033::ac43:a162
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:400e:80c::200a
37.200.67.211
88.212.202.52
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e0a47e3fa5aed39585290ca4d350a56eb91cd3a06456d27ef6210c97453aba4
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
39af430da84d8dc1c1a461cee5036e3af8c61cd9a728d5e6c32fa601f78647d1
406c64e330dd6ebad4f933d1c6a248447bfde88a66c49fa65858790dfef10df9
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4ea54c9bb9163e28919bf9980cb41e040cc4815347b3e861b76af6ade6ff3886
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
686d1230f45a62a91392487950b14ee262e98e7e968dbb1b35185aba9e58fb0f
74d210b9ac06bbc87d26d9f50584bfe9dacdcc09ff958b9524a6699c7725915c
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7d9be8bca8e99d3e4df920b526377cdc77fe018083325fa9ca149dd4844b7b28
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
8124627ac5e80d7d065344f655924118b3a2e8c6b056313d0acabbc50e8ebec6
840c8abfe40790d0c987bf1e7766ef178fa90fc06e59795bcb1c0bf73c633fce
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
ba07c8e43fed61c334d613db3ec03b0169d976d158d172d6b3eafe45bb23c2ca
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
d2eaac5c0600c2978475f641c7ae004ce88dd3abbcee6226504b3ae32bd8f4ea
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e
eb0af33824974ff2622514a3bd7b390779111e3d2aa0e1369514a04bd3e44808
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6eb7e497456d60d78ba389a1e92e3342238c4f8429dfc05c08fdc35950a4e28
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28