sci-hub.hkvisa.net
2a06:98c1:3120::3 Malicious Activity!

Go To Rescan
Add Verdict Report

URL:
https://sci-hub.hkvisa.net/
Submission: On March 24 via manual (March 24th 2023, 11:29:49 am UTC) from DE — Scanned from NL

Summary HTTP 123 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 123 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.hkvisa.net. The Cisco Umbrella rank of the primary domain is 450734.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 8th 2023. Valid for: a year.

This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3034::6815:9e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	2a02:2638:3::f 2a02:2638:3::f	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	109.232.197.33 109.232.197.33	50234 (EULERIAN-AS) (EULERIAN-AS)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
123	21

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sci-hub.hkvisa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3034::6815:9e6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::f (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.232.197.33 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: ml.eulerian.net

mm.melia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 642 pix.eu.criteo.net — Cisco Umbrella Rank: 7921 csm.eu.criteo.net — Cisco Umbrella Rank: 8282	222 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	306 KB
21	sci-hub.shop img.sci-hub.shop — Cisco Umbrella Rank: 354280	584 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	69 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15165 ads.eu.criteo.com — Cisco Umbrella Rank: 8226 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9184	86 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	google.nl adservice.google.nl — Cisco Umbrella Rank: 14604	940 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	146 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10045	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	10 KB
1	melia.com mm.melia.com — Cisco Umbrella Rank: 79765	1 KB
1	adform.net 1 redirects a1.adform.net — Cisco Umbrella Rank: 10096	642 B
1	gstatic.com www.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	601 B
1	hkvisa.net sci-hub.hkvisa.net — Cisco Umbrella Rank: 450734	7 KB
0	kitbit.net Failed kitbit.net Failed
0	pluso.ru Failed share.pluso.ru Failed
123	18

	Domain	Requested by
21	img.sci-hub.shop	sci-hub.hkvisa.net
20	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
15	pagead2.googlesyndication.com	sci-hub.hkvisa.net pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sci-hub.hkvisa.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	csm.eu.criteo.net	ads.eu.criteo.com
6	pix.eu.criteo.net	ads.eu.criteo.com sci-hub.hkvisa.net
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.nl	pagead2.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net sci-hub.hkvisa.net
1	www.google.com	tpc.googlesyndication.com
1	mm.melia.com	ads.eu.criteo.com
1	a1.adform.net	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sci-hub.hkvisa.net
0	kitbit.net Failed	img.sci-hub.shop
0	share.pluso.ru Failed	img.sci-hub.shop
123	24

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
hkvisa.net Cloudflare Inc ECC CA-3	`2023-02-08` - `2024-02-08`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-18` - `2023-05-20`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://sci-hub.hkvisa.net/
Frame ID: A9A18A20450842129B491988CBAA14E5
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: 67B53B5B26C480F95A5D89E1A037DDA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1679657390&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390619&bpp=4&bdt=512&idt=266&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=3402861315643&frm=20&pv=2&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6kwrIVgTcI&p=https%3A//sci-hub.hkvisa.net&dtd=291
Frame ID: 392A0E6E26266FD3F66C6D1DE65A7D82
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1679657390&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390623&bpp=3&bdt=516&idt=298&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gUL439ABam&p=https%3A//sci-hub.hkvisa.net&dtd=306
Frame ID: 93F3E30A0859200D679F003F4CB0A5A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1679657390&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390643&bpp=1&bdt=535&idt=292&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=315
Frame ID: 38528ED252CAC9BE566A2E71FD300A79
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB2JrgAPOEgKNYGlAA2KzrWCa5xYK-9AydSiMA&u=%7CKl9Z6%2B%2B1tzU%2BZDGEwvmyYJlxn06DThejXpQYfNjS6YE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x3tvAYEFT3XrsBI7azHVPySKcCtSN-cFrvkAVww7PVvs3tsEyN_8Cc04Argv40IhEPfSIa3R--zffDQ_rGXraeYZofyi33qIwo80nCmBpNQ-p1vNh5RKOacHFly6xT2x2iFdPq9KG3on80PyJlQy5v0K6isBD7VyrTUK_3XuVXusPbrXKLgAP9c_YspJZgACoKGzfd08mzd_JheM-AxFhE_WqWkYZgXk2u7M1CFLvLcJIbtIaIU-qu0oF-mLuKbvQ8lx-_2Z5AfjFnwdY2TdAzb7muXBsPIYbQ1Ed-BsJFK7MGyPVcxSqnTkgcHNlVzQYuMkdDPq8AZIcVDEakqtDxqJG10WnKWX9vvbxd3jKyuH3_W5aXAcenThRyLhK2TeWDUotPqc765dqszOTRcv-6ktlKTRRxMXyNMbKkse6hO_sUlSZ0d3jIWW7vouKLB2uMpfbCI3gkAO_ZEYDnXialsOWwU3VKY6cmILYLowV75ElvqEt9DLoJoIQ6t3Zty0fUaJ6JrKiuBxpV0vMPrl1qgRZmChSdawIofkK_DgIoW8pwJqFvxaRhNwCiryq3OMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWE7WrokdZMjwPKWD1gHOlbbQC8me0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCYRMYsX0psj6oAwGqBMgBT9Dj2q9jwAWXb4KDdvqGQsKdvlUyEc0-s38CB6oo67bmvBq5prWQJQ1tXzKfZ0bmyuXNvcpY9rSgo-N2MptmRwpL4CoVw56oxiM3esYq0rzblMZ1jJU2hgbM12g0AZ6EczQtqHNoemyYUA9N6vyFUWdDGjO_r-5JNqZWmdmVYoq5a_U0BJcon3mUDlcxrvwTlVg7vNY3j6TsoxLCh0B5k7b66zSJq6HBl-GM0McsyIg_4piQVQBuAolXIhEgDSPXpEr9KuI6A9KABsP-lsXL1fWOa6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10yF2azgDO3m8DiMJlywqen6qTdg%26client%3Dca-pub-4788083219224278%26adurl%3D
Frame ID: EB073D9C5D4379F2D35970AEEB374F8D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3997822654~rp.4&daaos=1679655287706&w=1200&fwrn=4&fwrnh=100&lmt=1679657391&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657391547&bpp=1&bdt=1440&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc338fced8e1af302-2220a9466cdd00fe%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MZALt8nStbw3UjDGec-2j0uPWguaQ&gpic=UID%3D00000bcb37dca3f2%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MbJR6PBLzGuw5QoDvqANwLxctcI9Q&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mr49gETOjJ&p=https%3A//sci-hub.hkvisa.net&dtd=20
Frame ID: D360656BB0E67965E20446A2F42C8FF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1878021256&pi=t.aa~a.3235558080~rp.2&daaos=1679655287706&w=1200&fwrn=4&fwrnh=100&lmt=1679657391&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657391547&bpp=1&bdt=1440&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc338fced8e1af302-2220a9466cdd00fe%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MZALt8nStbw3UjDGec-2j0uPWguaQ&gpic=UID%3D00000bcb37dca3f2%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MbJR6PBLzGuw5QoDvqANwLxctcI9Q&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zpwmek9EVC&p=https%3A//sci-hub.hkvisa.net&dtd=26
Frame ID: E34D6A0768ED66A44FC54F6C0DB397FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=3460618075&pi=t.aa~a.2054722437~rp.4&daaos=1679655287706&w=1200&fwrn=4&fwrnh=100&lmt=1679657391&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657391547&bpp=1&bdt=1440&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc338fced8e1af302-2220a9466cdd00fe%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MZALt8nStbw3UjDGec-2j0uPWguaQ&gpic=UID%3D00000bcb37dca3f2%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MbJR6PBLzGuw5QoDvqANwLxctcI9Q&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=hMcvFUVgC9&p=https%3A//sci-hub.hkvisa.net&dtd=33
Frame ID: D7B6A3A05A2859A7C184E18663A80660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: 616F9788AEE9D7B7A6894C6F6A180ED4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1
Frame ID: 513418B355A066AB21D782330A018ABB
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB2JrwAAtlkFKMdPAAVNPhYB8CPVLHKVo8rocA&u=%7CKl9Z6%2B%2B1tzVauPONaaNKPuysasAbrzMO0SAZaIJJsRg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWbMLiOH7mOCs_8LjugR_iDmzgNE7sDThBxo4KgG-U4UVyTrgTbYcjUG4dU6BemFzgzyS-1fjHWwMMMvFN30IWyCrtzme5IqeDeFIn4AAXMfe__3oRaQ_pG2TnjOcmS7SOTaoggAY1fZi-WFHZ5skJj9AkTYMxcfeV3PmKRIUG9ZHo0ym7_jOwwEcu1U7RtcLDYRkyqDZ_5MgYqiZuDurymOWFbgSJaeIQcCgc8AW67m-TSoymCM03u_PDRbRbTfkgGiKr34Ye1p101Gpssk9rwWw6QqgHQdVq32S5dRlvWzOe-ukAnNYb_6imdtajq5UxKKbdQZQdOzOYvW-NdB5O2GhSHD9ZyrFikdYTmTFMAs-bxHFmFORVgON51XN-2kvFHKYfxXFUqg-TzoMruQTfpzGFdvaOWszXhJAosfOmCWJGg6tMT2vorWqhUjGmciZ2_LRcpq_g85P6DcLNx9kyVhKyyxRUbQMB25bCMHWPDzVmP5GHT-KtqYbjzmAOo3Wslompk5KjQ3w39efxQVMW0LwLEH8OJwC8MXdy_aMeO9mQFsr3vOSrUS-YVEZPmVY7w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngSbr4kdZNnsAs-Oo9kPvpqV8AzJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzjIAQmpAmETGLF9KbI-qAMBqgTJAU_QqmU0lSutJkeFoFHCt31wJLJ8js7mOTLaFjwDEQ4dIILcYWRWCs8U9C4991PAYckBVhyfq74hxT5IyDnQbxs8ROnjx6tFjrHex8a9VqW33qZPSjdn0h__tre1f8pfoc1TeyZYPRXUn5NIcvOYS1LV54F-eSSAk80utQQK4C1ymqw_uKN1WGawsbFUSnJWCBalc8I25-N-G3vGUgzfQStqsdyvneen-66PPbWbxZ8jo2uMr3WcBcsCkatbTpCOhCoJq0fmfAx3eoAGsvDrsq6ApYPpAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0YMLx2DQ2iilpn3E82sP3m0UroeA%26client%3Dca-pub-4788083219224278%26adurl%3D
Frame ID: 0B10D7ADD22984D126E933875FBDB8FA
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=2827209793&pi=t.aa~a.2873812152~rp.4&daaos=1679655287706&w=1200&fwrn=4&fwrnh=100&lmt=1679657392&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657391551&bpp=1&bdt=1444&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc338fced8e1af302-2220a9466cdd00fe%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MZALt8nStbw3UjDGec-2j0uPWguaQ&gpic=UID%3D00000bcb37dca3f2%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MbJR6PBLzGuw5QoDvqANwLxctcI9Q&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C180x500%2C1005x124&nras=7&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&psts=AD37Y7sZcLQ-ZufKSH0GlUZcRIulM3lMfJk4Cpcu10-qDRFFdGo9vdXpcRfYhg-g2A5ApMDr7ODAddQEQycF&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=7&fsb=1&xpc=l4Pqhjlwe7&p=https%3A//sci-hub.hkvisa.net&dtd=693
Frame ID: ABF1F74DE763378B33BABEF58E6B7BC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5ZLoQB_z02QzB_hHqtk5fVBr8jKba2eTnMK3sia1eD8.js
Frame ID: 7114871FD5246A8916D624E6B2B63E12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A8A0645FEA7E9DDCBF89D4699AD19EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65C6E8702E46330B140F40B49C8822E8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

123
Requests

93 %
HTTPS

81 %
IPv6

18
Domains

24
Subdomains

21
IPs

5
Countries

1449 kB
Transfer

3049 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://a1.adform.net/adfserve/?bn=54989417;1x1inv=1;srctype=3;gdpr=1;;ord=641d89af0447f182e6286124db0c4363 HTTP 302
https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-0x0_en&ead-creative=OthersEMEA-criteo-OE_AO_PRS_VACACIONAL_AFT-0x0_en&ead-creativetype=0x0_en&eseg-name=campaign&eseg-item=vacacional&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=24813&adfrmid=0

Request Chain 104

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1

123 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sci-hub.hkvisa.net/ 27 KB
7 KB 428ms
363ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42010ba524f3ea737e3d41bb92a10c105625b4fb795dd519e0f67bfbc1903bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=43200 no-cache
cf-cache-status: DYNAMIC
cf-ray: 7ace941dfacb0c39-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Mar 2023 11:29:50 GMT
expires: Fri, 24 Mar 2023 23:29:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW%2Bq0HogBkCO4EkLQaUU00f%2BzzKMOQr%2FcwPKPwmGNRYfRR5DJFptCX8KAWCuYflE0bnuZYDgYGDimwP4EMf%2B%2FWT%2B47FQaXBbOIq%2FL%2BIk6KL3oZ33TXd3qGqKsh6nSwMRh5bThHtwEH8X9q7ua%2B9eS58%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-cache: MISS MISS

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 127ms
37ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2521790
etag: W/"5c00bb7c-152b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNdlHbxta3IsPwa5H2G8X0vcocjzl6x7hPtV8W%2BLH8R6bGSp0WC%2BnnShMSZU7N5cI0sG8UOoJvzU5vUhPhfwCh6QJ5CRay1R0AAOfoqCDGQ67P%2BZjMQUaeIyuv%2BRpkSsgSeaIgsb7FljWgqbW%2BTE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7ace9420d9b80bd1-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:00:00 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 156ms
66ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2521790
etag: W/"5c13665c-3dee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqBP9FAWEI8w7qtV7JLmgGzNwDCnm%2BN0xUOh06V%2BdFZFdmEYAP1NAruu%2BwCExtQfvqCVVuDueVA%2FN%2FKwEe%2FK2nNIBj%2B3vrJk2a5a2aj4L%2Fzn2q0J6LpituSt%2BSLhtd0dJric6xhHhF9bx3f6ySCo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7ace9420d9bd0bd1-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:00:00 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
23 KB 139ms
49ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2521790
etag: W/"5c00bb8c-1798d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vakr6m8fpvqOeeIX%2BRLME%2BL2jE%2FZ9C1gpzYwStowgm%2FLVoAGzQ1dO4%2FLKgLi9Y3hIU863dYLo%2Bi5LhHibJjVWnW4T3T%2BGt%2BpVVDKFG%2FmFkq1Vwdah0NATBO%2B10qdAOI653kLBs7P%2Fo3HV52i7fJ0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7ace9420d9bf0bd1-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:00:00 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 37ms
36ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FetoXQzIeVvmEjfNotmPvIY2ruepfhs2TMYPhF0LM0Z9zpvCg8OKC5gtwR5sTeZ3aJtKJWTAc7Ne05nbjvrKL2miZPRGUXCXoKjqpXj6ah2Nv%2FFqxsQYoG%2BKBUV865qAC34aTJK2KTZpCQT%2FHHh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace94215a580bd1-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H2 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 35ms
34ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RuIktnUcgQPngn7d%2FalS6t4643%2Fb%2FvcDnftUdK%2Ba%2BMtmnsMhZvKl%2BVqk6xEekDbMYzvVFN%2Bmb64FE%2BUkhYVHbeodNs%2FPxIejFlDjvam3htDtNyv4E3J%2FZcOLXXWRyEsoJeTROEpTK6MGN4ay1mj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace94217ad10bd1-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 209ms
136ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72d6cbe13ee557e3ddf5934f874782f68ffe4d07b9f6ee649350a139dab3ccec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48737
x-xss-protection: 0
server: cafe
etag: 7731557108933728200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:29:50 GMT

GET
H3 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 33ms
32ms Image
image/jpeg 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7o6r9aFhA3Hg8haO5BbiOyvc%2F5MXoCPfJ9dzLoxusIqNLYFlSfDXEPWxdW3mr0jEC3ybOn5PN0lGX6FvYm3Hv7xiAzpmAiMbK8%2FyzNKMqE6awl%2FJSzIsEkyJ7ktBASGL9MVGrPb9oTLlioKo5oM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ae231c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 104ms
88ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLX%2B4Ei6Hmkv3BH41AE4t9r8SyMBWa6gboBgRyvvZuURnSj7nRfeZmcSW60G4bSmys94h8phFrr6h1X10GnORgz%2FcM%2FJjsUc85vtgIGwW6ASVLPGxo4wVb3sWhpikQadQCeUERSQ72969GakC1pJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce551c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 82ms
65ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzlgrg1T4YTYgyKeoNfwI1DeLYh3n9JzWoOXAydZCUE%2F%2FXo1fMRtfNpz5%2FLlDFWa72NxRlBiYTikJEPDph6QMI66ToVYDMVQ%2BkwWVPdWjWyjsLYWcId9Vbfio1HAxYlriPcg4pibyn18m8R7P22u"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce561c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 53ms
37ms Image
image/jpeg 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SQcf4RTD82xFMYw7RLGssA4tgrrdr3F1Vpz9vt17KxronCY5rUMYswy6O0I1sm8fJBlClkH%2FCKi5yrO7N16SbbRQ96bJ4cBpVOd%2FFDpkO6C0jxMU7sKvTr7z%2F3bY4w7I%2Fkw6arxeEh9MKadKI%2Bp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce571c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 155ms
138ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWP5xrnmZF8ZvDoB0y1ZAPVE7slIa%2FHyonrL43n%2BrnivXCujVXZ3wvQaMMxx8Bdtm5c4AZAOOrWW%2BcTCO0DNyaBX7ZdZ%2FasonK0QtG1EIw8Vod8KU65x0Smc8%2BtamJbHFw81eQAnuIFGxZrM24IY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce591c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 158ms
141ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jT6QQi1mGgtL6PkhN11BUgq86twBkx%2BYobmyXQD2R96JfW8omKzOS%2FklGCL4NMHF3OwAIlC6O3M0F6vI%2BxSIqUnKDO203HUrvvE67h9QGH7tCdQbJlin94Au4TXTteA8375YLBIfgtkIaFNQR3gl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce5a1c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 158ms
142ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjTW0zGZzi09qw2cFFGH8SjrE5knx7cZ0GRiNywhyiGTpuG5M8xJIm4b7O0mP1uwjpUvaItne4owBMqWhaYp8njDiUYjH9YT3ufS0OOqXKiUtBU4ilWRTsxTKxaMLtHue6q%2F%2FgYuFe6SFvMJCkh2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce5c1c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 156ms
142ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce1ZNSel%2BQIBMJ5kxAnrpLmhbOHYRcAdfVp2wvLtlAwGhaHKwvfmIu4j%2B5Ed50rkAUqwnquGcQN0Y%2BxEVrP2IOY1nu13KVwA%2F2z4BT9ylTtpswtDLkncT4Anj0N06A2C5v7KFkeJY2uHb11nCoMh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce5f1c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 156ms
143ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlqUC%2FZWE5F0WFce3lyZMzYCryw1C8245XSwaqMzPSn2uePxX%2ByPBLyga3VVlfpqNi1kvjuI7BwMmtS3BpcaXHBrDOs0QoS%2BagR93h6RCQGYZZhDscf3haS1epnRikxl%2B4AO7RN7GZtd9OeEGc3z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce611c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 156ms
144ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3iV7i1PVNAu%2F%2F6oDy%2Bt8uewz849tRokzNDsvlUErp5wIMy7VclyOmBrlypsQee%2BnAZiu5u868qbEbynpiT43epDRyWUP3QOcSysUtjMe4BEMboVG3VDhOvSDxoCdlm5bRFLAXcdUi04eUyI4r4C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce621c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 150ms
144ms Image
image/jpeg 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkodEcGRhU0cT7Bx05bFbfvPKwBxw04VPAqxLCtvUSWqQftiH05NupeefsxPoHIaqDXbmeD8bAuWXCGza4WDf8uVE97CXYBht%2FTEjhI70tRrpBS%2B9XjWmgHe%2BtTnpGKzbpwpKnBvykM4%2FcBGcEm7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce641c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 154ms
148ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtZKjI%2F2GAwJslDLFONAsgPZSYk%2B4DfYp0m405S5j5Xdd115gJNHr2zouk5ZBsAK9k5hNn1vNsSTmqIldJDac5z7T02X9oNZhOlu6BSmen418GSzMfpOJJlSNMorgkwRTeRLYWu8tRq0OmIABiD3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce651c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 158ms
153ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=px2bqfq7KKXFWaSz%2Fqb8FKYIO%2FwS91kI2pDcHDYyvqolqW1hZFhy%2FiBCnwBxELmIPaJbPfZ1reI1vSJVjPRgX90OsoLfUpw0WQi%2Br5zSaWCjVPu4BrKFVeMhrU6Tk7KDM5fSTezW1GYutlS2TcwO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce661c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 157ms
153ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gWJ9htq8Ah2lj50Yx7UAlk2rGXz3a7VY8o1UvAQj39Zl0tJItoDrur%2FFTkiVNIH98eYy2TuZuD80O8icTMhTTuwnolRtJBd8boJyoHd9pA5A%2FBEy7vEQjHWwVCxjrLyhj7h2BM4AFZ6NKj6hEFj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce691c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 158ms
154ms Image
image/png 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2521890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvRTM0zaEXGd33TaRX98GYcGI9VXI7jchXmP4JRz2pkp%2FlnJfYMxsmHwoCPRgz%2FhIfuYDhttCJInrduoHwxkQbO%2FvmFfEv9DSqm9Ju9Ms%2FB5Svd7WyM4G2VETLD8Ve51%2FRj10osfJvaBtJyC7Wa4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7ace9421ce6b1c7d-AMS
expires: Sat, 25 Mar 2023 06:58:20 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 119ms
118ms Script
application/javascript 2606:4700:3034::6815:9e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2521713
etag: W/"5c00bef8-a5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UunVwjB%2Febh4oT%2Fqd2OwUwezud8r%2F7Shoa3SNYytuRbY%2Foll3H%2BGYRO493078pGmJxrLAl34gDPntvc5jYXjkhy5D3GNPw4L6HpadxAqBgoSa5X561I5knloZKH4FjY7L6IUKJK6rMOrRrto5pKc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 7ace94220ebb1c7d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 23 Feb 2023 19:01:17 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31073311

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dff325b1c04812699599ec1f8a4ec5600426a5186c7bdd08293611e24d3ea0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119762
x-xss-protection: 0
server: cafe
etag: 17297855400735808644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:29:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame 67B5 10 KB
5 KB 131ms
58ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 8449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 09:09:01 GMT
etag: 2378337311435320485
expires: Fri, 07 Apr 2023 09:09:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 230ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.hkvisa.net&callback=_gfp_s_&client=ca-pub-4788083219224278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4788083219224278&plah=sci-hub.hkvisa.net&bust=31073311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68c32a5d65d39ed1d6abb75e954ebdf316e0717c328df796ec1cd2e90b32fe1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 134ms
42ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 164ms
68ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 392A 23 KB
10 KB 571ms
569ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1679657390&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390619&bpp=4&bdt=512&idt=266&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=3402861315643&frm=20&pv=2&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6kwrIVgTcI&p=https%3A//sci-hub.hkvisa.net&dtd=291

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331f65e497a837819dbf80bfdc8558826a366ad4a4c00efcbbb11044d41eb940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:51 GMT
expires: Fri, 24 Mar 2023 11:29:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 93F3 436 B
410 B 329ms
328ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1679657390&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390623&bpp=3&bdt=516&idt=298&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=gUL439ABam&p=https%3A//sci-hub.hkvisa.net&dtd=306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a38036fec8cc55b34a9292d2e0379803b084cadac778a584ba88b34a5d4ee216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:51 GMT
expires: Fri, 24 Mar 2023 11:29:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:29:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3852 189 KB
43 KB 462ms
461ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1679657390&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390643&bpp=1&bdt=535&idt=292&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dc26487aa3fab6bc0c383892f97070817c48f56e444c0f8197c8a84535cb05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44328
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:51 GMT
expires: Fri, 24 Mar 2023 11:29:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 392A 3 KB
1 KB 144ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1679657390&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390619&bpp=4&bdt=512&idt=266&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=3402861315643&frm=20&pv=2&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6kwrIVgTcI&p=https%3A//sci-hub.hkvisa.net&dtd=291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 06:49:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 392A 20 KB
9 KB 141ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 392A 158 KB
49 KB 158ms
70ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:29:51 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 150 KB
51 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/reactive_library_fy2021.js?bust=31073311

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12b07836b99ee30c17c997b2264aed3cc2fd7f875a732af3138ee312f5a899b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52135
x-xss-protection: 0
server: cafe
etag: 8571620416044620288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:29:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 92ms
91ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=4%2C2&c=ca-pub-4788083219224278&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:29:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 392A 0
0 103ms
103ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwjWCrokdZMjwPKWD1gHOlbbQC8me0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCYRMYsX0psj6oAwGqBMUBT9Dj2q9jwAWXb4KDdvqGQsKdvlUyEc0-s38CB6oo67bmvBq5prWQJQ1tXzKfZ0bmyuXNvcpY9rSgo-N2MptmRwpL4CoVw56oxiM3esYq0rzblMZ1jJU2hgbM12g0AZ6EczQtqHNoemyYUA9N6vyFUWdDGjO_r-5JNqZWmdmVYoq5a_U0BJcon3mUDlcxrvwTlVg7vNY3j6TsoxLCh0B50bTbebMGN7J-C_UvAPqKMIEr6C6aexjstkFqhOOfEw_PIeB5OV2ABsP-lsXL1fWOa6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDc4ODA4MzIxOTIyNDI3OBgA&sigh=aThBf7Qts40&uach_m=[UACH]&cid=CAQSGwDUE5ymbEz-PuRohe7-P19KUgXFnUgUA8zknhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1679657390&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657390619&bpp=4&bdt=512&idt=266&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=3402861315643&frm=20&pv=2&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6kwrIVgTcI&p=https%3A//sci-hub.hkvisa.net&dtd=291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Mar 2023 11:29:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Mar 2023 11:29:51 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 392A 0
0 110ms
33ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kqKoFu_CMMoHWp2DYgICAAAAmTvE3yyBDkz5Kf4HEK6JHWR1rmryCB0oVtZNAAASAAAKDkFRVUJCUVlCQlFFQkJR&wp=ZB2JrgAPOEgKNYGlAA2KzrWCa5xYK-9AydSiMA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 295997
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame EB07 117 KB
42 KB 187ms
64ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB2JrgAPOEgKNYGlAA2KzrWCa5xYK-9AydSiMA&u=%7CKl9Z6%2B%2B1tzU%2BZDGEwvmyYJlxn06DThejXpQYfNjS6YE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x3tvAYEFT3XrsBI7azHVPySKcCtSN-cFrvkAVww7PVvs3tsEyN_8Cc04Argv40IhEPfSIa3R--zffDQ_rGXraeYZofyi33qIwo80nCmBpNQ-p1vNh5RKOacHFly6xT2x2iFdPq9KG3on80PyJlQy5v0K6isBD7VyrTUK_3XuVXusPbrXKLgAP9c_YspJZgACoKGzfd08mzd_JheM-AxFhE_WqWkYZgXk2u7M1CFLvLcJIbtIaIU-qu0oF-mLuKbvQ8lx-_2Z5AfjFnwdY2TdAzb7muXBsPIYbQ1Ed-BsJFK7MGyPVcxSqnTkgcHNlVzQYuMkdDPq8AZIcVDEakqtDxqJG10WnKWX9vvbxd3jKyuH3_W5aXAcenThRyLhK2TeWDUotPqc765dqszOTRcv-6ktlKTRRxMXyNMbKkse6hO_sUlSZ0d3jIWW7vouKLB2uMpfbCI3gkAO_ZEYDnXialsOWwU3VKY6cmILYLowV75ElvqEt9DLoJoIQ6t3Zty0fUaJ6JrKiuBxpV0vMPrl1qgRZmChSdawIofkK_DgIoW8pwJqFvxaRhNwCiryq3OMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWE7WrokdZMjwPKWD1gHOlbbQC8me0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCYRMYsX0psj6oAwGqBMgBT9Dj2q9jwAWXb4KDdvqGQsKdvlUyEc0-s38CB6oo67bmvBq5prWQJQ1tXzKfZ0bmyuXNvcpY9rSgo-N2MptmRwpL4CoVw56oxiM3esYq0rzblMZ1jJU2hgbM12g0AZ6EczQtqHNoemyYUA9N6vyFUWdDGjO_r-5JNqZWmdmVYoq5a_U0BJcon3mUDlcxrvwTlVg7vNY3j6TsoxLCh0B5k7b66zSJq6HBl-GM0McsyIg_4piQVQBuAolXIhEgDSPXpEr9KuI6A9KABsP-lsXL1fWOa6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10yF2azgDO3m8DiMJlywqen6qTdg%26client%3Dca-pub-4788083219224278%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7ac948130ef668b966d424137fe6c276a3b4e5917bfda4b4ed695c20a813e5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:50 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oOcauumFmXmXRjWMjA6NFIZBAcYEcQ8-voG2TFYFk1eE35N3_8Xij9FxCWqF12FrkM0kal_PVF0T3phewrhVXDlqxe_K_OMzKRiCQXboXpNDF4_TnJ-qZnwlGppVyRLfGMRl70fcfo4wf1ZWwY7_zT34qJO_0zfR6sdFtEmyY1J5yX0YscY446h2hQwd9ZypaI5f8zGj7Qw7rXg7p-NTKDrtNKTtO6Ln6k1r6is4dEUsP8u3yGOBB9ZvIYkA_VwwZ3kOoA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 22379014
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 45ms
43ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 72ms
71ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 105ms
105ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-4788083219224278&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=1%2C10&apv=20230321_104446&sat=1679627578336&afm=0&as_count=1&d_count=0&ng_count=0&am_count=4&atf_count=1&mdns=0.017&alldns=0.223&allp=14&pgh=5421&abl=false&rr=n&su=sci-hub.hkvisa.net&pvc=1663000492126043&r=0.1&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:29:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 106ms
106ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_opt&c=4&wpc=ca-pub-4788083219224278&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=1%2C10&apv=20230321_104446&sat=1679627578336&afm=0&as_count=1&d_count=0&ng_count=0&am_count=4&atf_count=1&mdns=0.017&alldns=0.223&allp=14&pgh=5421&abl=false&rr=0&su=sci-hub.hkvisa.net&sl=trrp&daaos=1679655287706&ab=0&oab=0&sab=0&ls=0&op=29&fap=12~14~18~19~22~25~26~27~28&fad=0&fmd=0&vap=18~19~22~25~26~27~28&vad=0&vmd=0&pap=18~25~26~27&pad=0&pmd=0&psq=18~25~26~27&pvc=1663000492126043&r=0.1&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:29:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D360 436 B
236 B 346ms
345ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3997822654~rp.4&daaos=1679655287706&w=1200&fwrn=4&fwrnh=100&lmt=1679657391&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657391547&bpp=1&bdt=1440&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc338fced8e1af302-2220a9466cdd00fe%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MZALt8nStbw3UjDGec-2j0uPWguaQ&gpic=UID%3D00000bcb37dca3f2%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MbJR6PBLzGuw5QoDvqANwLxctcI9Q&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=mr49gETOjJ&p=https%3A//sci-hub.hkvisa.net&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8703f0974612bedaf173b6fdc5303339e43d7821c9d346cff634b01b5c03e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:51 GMT
expires: Fri, 24 Mar 2023 11:29:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E34D 436 B
237 B 365ms
364ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1878021256&pi=t.aa~a.3235558080~rp.2&daaos=1679655287706&w=1200&fwrn=4&fwrnh=100&lmt=1679657391&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657391547&bpp=1&bdt=1440&idt=-M&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc338fced8e1af302-2220a9466cdd00fe%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MZALt8nStbw3UjDGec-2j0uPWguaQ&gpic=UID%3D00000bcb37dca3f2%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MbJR6PBLzGuw5QoDvqANwLxctcI9Q&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2737&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=zpwmek9EVC&p=https%3A//sci-hub.hkvisa.net&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b28269aba2796e46abd0bfa5348e8f5acfe40d9f9c0593f5348cc1f1bde3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:51 GMT
expires: Fri, 24 Mar 2023 11:29:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7B6 436 B
236 B 354ms
348ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=3460618075&pi=t.aa~a.2054722437~rp.4&daaos=1679655287706&w=1200&fwrn=4&fwrnh=100&lmt=1679657391&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679657391547&bpp=1&bdt=1440&idt=1&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc338fced8e1af302-2220a9466cdd00fe%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MZALt8nStbw3UjDGec-2j0uPWguaQ&gpic=UID%3D00000bcb37dca3f2%3AT%3D1679657391%3ART%3D1679657391%3AS%3DALNI_MbJR6PBLzGuw5QoDvqANwLxctcI9Q&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3402861315643&frm=20&pv=1&ga_vid=497530609.1679657391&ga_sid=1679657391&ga_hid=1502197233&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4236&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295&oid=2&pvsid=1663000492126043&tmod=543289982&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=hMcvFUVgC9&p=https%3A//sci-hub.hkvisa.net&dtd=33

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e10e5e0ba0a11ccddc6d9ee5888d6a9d472a6251e7a1209d7c2da6e9b1b72e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:51 GMT
expires: Fri, 24 Mar 2023 11:29:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 392A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34f7d9b91436a79f11de686b104cff2e43954d374b6e4d2afa8c94b19a0fe369

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
92ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=4%2C2&c=ca-pub-4788083219224278&eid=44777876%2C44759927%2C44759876%2C44759837%2C31073105%2C31073107%2C31073311%2C44772269%2C44785295

Requested by

Host: sci-hub.hkvisa.net
URL: https://sci-hub.hkvisa.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:29:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 72ms
72ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 77ms
76ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sci-hub.hkvisa.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sci-hub.hkvisa.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame 616F 10 KB
4 KB 62ms
60ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 58025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 19:22:46 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 19:22:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/ Frame 5134 10 KB
4 KB 65ms
64ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sci-hub.hkvisa.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 58025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 19:22:46 GMT
etag: 2378337311435320485
expires: Thu, 06 Apr 2023 19:22:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EB07 2 KB
1 KB 93ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB2JrgAPOEgKNYGlAA2KzrWCa5xYK-9AydSiMA&u=%7CKl9Z6%2B%2B1tzU%2BZDGEwvmyYJlxn06DThejXpQYfNjS6YE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86x3tvAYEFT3XrsBI7azHVPySKcCtSN-cFrvkAVww7PVvs3tsEyN_8Cc04Argv40IhEPfSIa3R--zffDQ_rGXraeYZofyi33qIwo80nCmBpNQ-p1vNh5RKOacHFly6xT2x2iFdPq9KG3on80PyJlQy5v0K6isBD7VyrTUK_3XuVXusPbrXKLgAP9c_YspJZgACoKGzfd08mzd_JheM-AxFhE_WqWkYZgXk2u7M1CFLvLcJIbtIaIU-qu0oF-mLuKbvQ8lx-_2Z5AfjFnwdY2TdAzb7muXBsPIYbQ1Ed-BsJFK7MGyPVcxSqnTkgcHNlVzQYuMkdDPq8AZIcVDEakqtDxqJG10WnKWX9vvbxd3jKyuH3_W5aXAcenThRyLhK2TeWDUotPqc765dqszOTRcv-6ktlKTRRxMXyNMbKkse6hO_sUlSZ0d3jIWW7vouKLB2uMpfbCI3gkAO_ZEYDnXialsOWwU3VKY6cmILYLowV75ElvqEt9DLoJoIQ6t3Zty0fUaJ6JrKiuBxpV0vMPrl1qgRZmChSdawIofkK_DgIoW8pwJqFvxaRhNwCiryq3OMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWE7WrokdZMjwPKWD1gHOlbbQC8me0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItNDc4ODA4MzIxOTIyNDI3OMgBCakCYRMYsX0psj6oAwGqBMgBT9Dj2q9jwAWXb4KDdvqGQsKdvlUyEc0-s38CB6oo67bmvBq5prWQJQ1tXzKfZ0bmyuXNvcpY9rSgo-N2MptmRwpL4CoVw56oxiM3esYq0rzblMZ1jJU2hgbM12g0AZ6EczQtqHNoemyYUA9N6vyFUWdDGjO_r-5JNqZWmdmVYoq5a_U0BJcon3mUDlcxrvwTlVg7vNY3j6TsoxLCh0B5k7b66zSJq6HBl-GM0McsyIg_4piQVQBuAolXIhEgDSPXpEr9KuI6A9KABsP-lsXL1fWOa6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10yF2azgDO3m8DiMJlywqen6qTdg%26client%3Dca-pub-4788083219224278%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:29:51 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame EB07 2 KB
1 KB 99ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:29:51 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EB07 308 B
636 B 87ms
27ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 18 Mar 2024 11:29:51 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame EB07 293 B
621 B 86ms
26ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 18 Mar 2024 11:29:51 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame EB07 43 B
348 B 273ms
37ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=SRESBEaZQn3xpVjLuUtuaUmPCYcLhG0571g2HCeoo0OrZkUYRAjhvfnLfc7uw9auaAyaiK_jTfYSQufK-dpvTeUMarwO9dO4AYVq5QruoE6tsDRwokDY5y4WFB9lxkMithE927yhMpcqWGr2yieLINRbUAoN3Af3R_v5NzPrQbqGHieKnQ3oEuS95aUVa8_ibzj1uHb9jiWnZaeD6_cfvvbGsFlaB7DNhzvgfv0mY0wgK4PTlJZtJra_tLOt1O3Whv6CP4oPvqrNTPz__WrE1L4-uBlgHWtttJMQ7Ruqsr7aCwLIyh32-EmZvoTaitnDVvcspqdsC_ssRM8J2rDL6eDQvERYGjpp93KYZYdzMjNYWyPNCG_MARGAUzUkppg8srVE7h_tYtc9NMLCR3ASqIiHJn1wFfluj6GhrKfQyU5uPcnt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 11:29:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3260630
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EB07 12 KB
5 KB 116ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 957554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1FU8KMJzeeqZ%2FtxtXSOSLVIPKZlqbcXQvrrn%2Fh7YOjXQEajp07xtvT%2BnFdHo1Ozf1lFiTWoya8C4duSMzN2j1kFKyVvhibrkO8lBuzhUr6TE5905f7mh5vC%2FcGemoDYNcjcbq%2B2LgKQ2FGgHM2RSLux"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ace942afd9d0eab-AMS
expires: Wed, 13 Mar 2024 11:29:51 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame EB07 12 KB
6 KB 29ms
29ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Mar 2024 11:29:51 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0B10 123 KB
43 KB 99ms
99ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZB2JrwAAtlkFKMdPAAVNPhYB8CPVLHKVo8rocA&u=%7CKl9Z6%2B%2B1tzVauPONaaNKPuysasAbrzMO0SAZaIJJsRg%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRBERQ9uPyWchHByFMH6q8_F6t6Fqy8hjijH1D_X0leWbMLiOH7mOCs_8LjugR_iDmzgNE7sDThBxo4KgG-U4UVyTrgTbYcjUG4dU6BemFzgzyS-1fjHWwMMMvFN30IWyCrtzme5IqeDeFIn4AAXMfe__3oRaQ_pG2TnjOcmS7SOTaoggAY1fZi-WFHZ5skJj9AkTYMxcfeV3PmKRIUG9ZHo0ym7_jOwwEcu1U7RtcLDYRkyqDZ_5MgYqiZuDurymOWFbgSJaeIQcCgc8AW67m-TSoymCM03u_PDRbRbTfkgGiKr34Ye1p101Gpssk9rwWw6QqgHQdVq32S5dRlvWzOe-ukAnNYb_6imdtajq5UxKKbdQZQdOzOYvW-NdB5O2GhSHD9ZyrFikdYTmTFMAs-bxHFmFORVgON51XN-2kvFHKYfxXFUqg-TzoMruQTfpzGFdvaOWszXhJAosfOmCWJGg6tMT2vorWqhUjGmciZ2_LRcpq_g85P6DcLNx9kyVhKyyxRUbQMB25bCMHWPDzVmP5GHT-KtqYbjzmAOo3Wslompk5KjQ3w39efxQVMW0LwLEH8OJwC8MXdy_aMeO9mQFsr3vOSrUS-YVEZPmVY7w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCngSbr4kdZNnsAs-Oo9kPvpqV8AzJntKxXNWdkfdwwI23ARABIABgkYSghYwYggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzjIAQmpAmETGLF9KbI-qAMBqgTJAU_QqmU0lSutJkeFoFHCt31wJLJ8js7mOTLaFjwDEQ4dIILcYWRWCs8U9C4991PAYckBVhyfq74hxT5IyDnQbxs8ROnjx6tFjrHex8a9VqW33qZPSjdn0h__tre1f8pfoc1TeyZYPRXUn5NIcvOYS1LV54F-eSSAk80utQQK4C1ymqw_uKN1WGawsbFUSnJWCBalc8I25-N-G3vGUgzfQStqsdyvneen-66PPbWbxZ8jo2uMr3WcBcsCkatbTpCOhCoJq0fmfAx3eoAGsvDrsq6ApYPpAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0YMLx2DQ2iilpn3E82sP3m0UroeA%26client%3Dca-pub-4788083219224278%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f418b52b84a4023d659ea85457dde917d4bf392fb14c02c52a82a7321fae6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 11:29:51 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oqXLEemFmXmXRjWMqYQQhzXtMGJli8HMh5XETKlavr2jNEOkPVKXZ9D-TEiRjlnUtZ7LKXVcxf86glfFb9UEQDapubCHLp5xG3CagpEApcrfyJgkTRZZ7dL1rgSsdC-ZbOr0DBfQ2O-DmVybM4s486k78SpwWWRb0i5I1xsiMvVXmA1UUlfTCIhKy-dtYDExePk3vyPOovvSu6BYdLAlOVh5saNOrYX-M7ITuQ87dRo1R6Cl7CAjLJe0qReJVybwKiSgrQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58764651
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 616F 3 KB
1 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 06:49:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 616F 20 KB
8 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 616F 158 KB
48 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:29:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5134 8 KB
1 KB 161ms
70ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 11:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 10:15:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 11:29:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5134 2 KB
823 B 66ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/ Frame 5134 22 KB
9 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:24:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5134 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 06:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16812
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 06:49:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/ Frame 5134 20 KB
8 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230322/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 16:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 16:22:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5134 158 KB
49 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc5e5e5fcb0512d00c16a63f06157a3d039a2810e184226ffede0b5f2f223293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679493709445325"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 11:29:52 GMT

GET
H2 200 23cf7cdae9f50ee7270380e7f4964b21.js Show response
www.gstatic.com/mysidia/ Frame 5134 34 KB
15 KB 133ms
58ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/23cf7cdae9f50ee7270380e7f4964b21.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb251ab625fc65ba9da3b27cc16fc25459480c929e6e8ff1efb2fa87fd72659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14432
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:58:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Jun 2023 11:58:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EB07 3 KB
3 KB 134ms
28ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=148&m=0&partner=103039&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F103039%2F230321%2Fa2e4dc6ca63143e88d50c26546107229_nl_wkda_white_bkg_rgb-03.jpg&v=3&w=296&s=EbTPbyDZj2XcJ5jiLYplv1s9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

081e9c28f6346ad4ca9634a07120e52065c0379ab3052dc738828711e8b2fec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30867222
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2760
expires: Fri, 15 Mar 2024 17:43:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EB07 26 KB
26 KB 160ms
54ms Image
image/webp 2a02:2638:3::f
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?m=0&partner=103039&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F103039%2F230321%2Fa87c9782afe74adb906dfcc1147740a2_23_03_21_criteo_new_image_formats_nl_artboard-1.jpg&v=3&s=3DxusZwsCQ--13eqrffsDWKu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::f , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

463a3f9d1fb108073727cbb1aaeb831c8dfa6e108fa40c856f6d07cd4298cd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:29:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30867222
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26452
expires: Fri, 15 Mar 2024 17:43:34 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EB07 0
128 B 96ms
29ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=oOcauumFmXmXRjWMjA6NFIZBAcYEcQ8-voG2TFYFk1eE35N3_8Xij9FxCWqF12FrkM0kal_PVF0T3phewrhVXDlqxe_K_OMzKRiCQXboXpNDF4_TnJ-qZnwlGppVyRLfGMRl70fcfo4wf1ZWwY7_zT34qJO_0zfR6sdFtEmyY1J5yX0YscY446h2hQwd9ZypaI5f8zGj7Qw7rXg7p-NTKDrtNKTtO6Ln6k1r6is4dEUsP8u3yGOBB9ZvIYkA_VwwZ3kOoA&sds=2&rev=85392&sendBeacon=true

sci-hub.hkvisa.net Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

123 Requests

93 %HTTPS

81 %IPv6

18 Domains

24 Subdomains

21 IPs

5 Countries

1449 kBTransfer

3049 kBSize

8 Cookies

4 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sci-hub.hkvisa.net
2a06:98c1:3120::3 Malicious Activity!

Screenshot
Live screenshot

Full Image

123
Requests

93 %
HTTPS

81 %
IPv6

18
Domains

24
Subdomains

21
IPs

5
Countries

1449 kB
Transfer

3049 kB
Size

8
Cookies

123 HTTP transactions
2 data transactions