urlscan.io logo urlscan.io
SecurityTrails logo

sci-hub.mksa.top Open in urlscan Pro
2606:4700:3031::6815:4958  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sci-hub.wikicn.top/
Effective URL: https://sci-hub.mksa.top/
Submission: On September 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3031::6815:4958, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.mksa.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 1st 2023. Valid for: a year.
This is the only time sci-hub.mksa.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

1    2606:4700:3031::6815:1e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sci-hub.wikicn.top
1    2606:4700:3031::6815:4958 (United States)

ASN13335 (CLOUDFLARENET, US)
sci-hub.mksa.top
21    2606:4700:3033::ac43:a162 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sci-hub.shop
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 sci-hub.shop
img.sci-hub.shop — Cisco Umbrella Rank: 401785
584 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
217 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
5 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 10203
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1183
601 B
1 mksa.top
sci-hub.mksa.top
7 KB
1 wikicn.top
sci-hub.wikicn.top
436 B
0 kitbit.net Failed
kitbit.net Failed
0 pluso.ru Failed
share.pluso.ru Failed
43 10
Domain Requested by
21 img.sci-hub.shop sci-hub.mksa.top
6 pagead2.googlesyndication.com sci-hub.mksa.top
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 counter.yadro.ru 1 redirects
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 sci-hub.mksa.top
1 sci-hub.wikicn.top 1 redirects
0 kitbit.net Failed img.sci-hub.shop
0 share.pluso.ru Failed img.sci-hub.shop
43 11

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
mksa.top
Cloudflare Inc ECC CA-3		 2023-01-01 -
2024-01-01		 a year crt.sh
sci-hub.shop
Cloudflare Inc ECC CA-3		 2023-04-23 -
2024-04-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://sci-hub.mksa.top/
Frame ID: EDE0C6171DAACCDE7C06B49F4B5A7B42
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html
Frame ID: 268157872E8131CDEF0ED669B68D1C4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&adk=1812271804&adf=3025194257&lmt=1694645529&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694652728970&bpp=3&bdt=1041&idt=257&shv=r20230912&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5331911583801&frm=20&pv=2&ga_vid=2085854238.1694652729&ga_sid=1694652729&ga_hid=1263993339&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076838%2C31077221%2C42531705%2C42532403%2C31076998%2C31077889&oid=2&pvsid=2275697880803081&tmod=77750729&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: 2B50326D4FC17F0E37F824F8124AA662
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1694645529&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694652728973&bpp=1&bdt=1045&idt=273&shv=r20230912&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5331911583801&frm=20&pv=1&ga_vid=2085854238.1694652729&ga_sid=1694652729&ga_hid=1263993339&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076838%2C31077221%2C42531705%2C42532403%2C31076998%2C31077889&oid=2&pvsid=2275697880803081&tmod=77750729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=iU7LBGG7f2&p=https%3A//sci-hub.mksa.top&dtd=277
Frame ID: 0D6EA3FD590B92C3976006BD58AA1FA1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 723253C9AF5D6BC22E0D74D007E2C58E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CCFDB79EDC85A440F3A359FE90C9F24
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sci-Hub

Page URL History Show full URLs

  1. https://sci-hub.wikicn.top/ HTTP 301
    https://sci-hub.mksa.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

43
Requests

84 %
HTTPS

89 %
IPv6

10
Domains

11
Subdomains

9
IPs

3
Countries

814 kB
Transfer

1552 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sci-hub.wikicn.top/ HTTP 301
    https://sci-hub.mksa.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sci-hub.mksa.top/
Redirect Chain
  • https://sci-hub.wikicn.top/
  • https://sci-hub.mksa.top/
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4958 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9be8bca8e99d3e4df920b526377cdc77fe018083325fa9ca149dd4844b7b28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=43200 no-cache
cf-cache-status
DYNAMIC
cf-ray
8064a53b7f8018f3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Sep 2023 00:52:07 GMT
expires
Thu, 14 Sep 2023 12:52:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdyDy1xXjy78JcdieHew1WUAnwSHWX0q9wK5OD8%2Bp7pS8tPl1iiHqNfCU46Yfn6AiSMEZxegnoweMgDfb6CKnMmF1BsNIDXbZiSal6I6Sn%2BA9%2BFJcmvXdsA5S3Zu8T1zNVgeF1wqrZ51olSfCs41"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-cache
MISS MISS

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8064a52b1e6a2c26-FRA
content-type
text/html
date
Thu, 14 Sep 2023 00:52:05 GMT
location
https://sci-hub.mksa.top/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip4Uzz7kBGVJhAZZHhLwU1Ac7l5fqpI8%2FIPApBF7D%2Bp1IebF6oDeXy1F7dxZ2HzMhBJ9cWRa2yCphJfRYjPfe22J%2B9VIYhVCzLlrd9EGqjlSC%2BE6Ihf%2BKa5o7SiYYxJdobgdq40U8AP2HpSPKRf28K4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
599494
etag
W/"5c00bb7c-152b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvebKQNw5RR8TGIyH3rITCW903uVq6qBj9m%2FSGAUE%2FDCIkxcMY377bmxcyJxXi99%2B2qSaSwGbktUpHPvSLNGwQQSoE9c0EmMU540gxnaSUg7gnzZAa1qH%2FBMMKs0buhMySlQEGMv4n4g3VizQ0GN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8064a5424be1927d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:20:34 GMT
jquery-ui.min.js
img.sci-hub.shop/scihub/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Dec 2018 08:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
599478
etag
W/"5c13665c-3dee4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlahnoAaXs0DT17VIndq5KGlCW3%2BrIOksZlqPpIuT6s%2Bku2bY%2FfZpRxQxekvfjYHXuvIk4JWtTg1v4AfxobsFU7dFakSQJsfWO4RaXCsZINNTPXBHNoNB2iAqYLHnZwC0TBFaHD1dU09P8qZ1nVI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8064a5424be4927d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:20:50 GMT
openapi.js
img.sci-hub.shop/scihub/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/openapi.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
599478
etag
W/"5c00bb8c-1798d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjvKtWsg8dD23sk8eGfBNIOEVyOOwcdveGf9GAhnQw%2FVr1X2QG4q5OURqMYPrY8RAKjQFKLLC34Xx1Yir00ewYnToIUrS%2FnDq%2FyOe4eZvREf1SLJj0eBeL1LiyxXnXIZ0JycKs2SaOI6JFXzqU2O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8064a5424be5927d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:20:50 GMT
medal.png
img.sci-hub.shop/scihub/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/medal.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
599478
alt-svc
h3=":443"; ma=86400
content-length
22275
last-modified
Fri, 30 Nov 2018 06:13:38 GMT
server
cloudflare
etag
"5c00d512-5703"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOvc8l6Mukz0rfzakF3hM3tiCteGh%2BqAN6WKja0q8tfml4GuouB6hUnGOYRUUJM8%2FyCvY31BrGvjHXmlNo6t%2BkTr4Th%2Bh%2B2tgfl3qLZM4lGgxUH2px8PQli7UHQdWDhZUvpPEtA%2BruDPjfj0woO9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a5426bf3927d-FRA
expires
Sat, 07 Oct 2023 02:20:50 GMT
key_1.png
img.sci-hub.shop/scihub/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/key_1.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597640
alt-svc
h3=":443"; ma=86400
content-length
8428
last-modified
Fri, 30 Nov 2018 06:13:40 GMT
server
cloudflare
etag
"5c00d514-20ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcHQSKFEwD7yTpwIwWQxkbI7ujw6V1U5DkVKPFBfknvo%2FjOvX3KuignBH4rSbIgaBdqfkkshuplirPRCkplqNf0sAQ7CvWZG%2ByDbZVl3GGaIhp4mblpUM%2Be7y%2BsaQaskqeXHoenfqvuTE3BlcCaj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a5429b5803e0-FRA
expires
Sat, 07 Oct 2023 02:51:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d55b6e98888c8c66f187af1c6e564280f246278dcf69a4660314c2f9080db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Origin
https://sci-hub.mksa.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50681
x-xss-protection
0
server
cafe
etag
10265472444956331204
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 00:52:08 GMT
top-back.jpg
img.sci-hub.shop/scihub/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/top-back.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597747
alt-svc
h3=":443"; ma=86400
content-length
188646
last-modified
Mon, 16 Sep 2019 12:17:02 GMT
server
cloudflare
etag
"5d7f7d3e-2e0e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3p9gmPWi%2B1b3UOKz0qpjM8vwiIIoIL9PnA24Z7yoqDBxVJkxEmz7TDs9q5pV68IffuLmTufz77Z5KcUo%2B1QbFNrln2GcbYOHoe9HcPRm7zyCvEvXqgjKRCluj81n2rCORAY%2FnOzhNMac3zzKDz%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb6a03e0-FRA
expires
Sat, 07 Oct 2023 02:49:40 GMT
logo_en.png
img.sci-hub.shop/scihub/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/logo_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
14556
last-modified
Fri, 30 Nov 2018 05:56:38 GMT
server
cloudflare
etag
"5c00d116-38dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjIUCX6%2BCDorBqYa0KwIlCNxbffVVqDW0j0NWJ98g0NG1W8IJEnZ5HO0tkFOdlzEhGTCsmqUupLEy7ezx81DKX9t7mXTCFDIa0Mh1ejLO%2FYp8OUFPWGEyft0Ri%2BLrPTBULqyrWR5QpsdBRY%2BmWFX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb6c03e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
raven_1.png
img.sci-hub.shop/scihub/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/raven_1.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
60144
last-modified
Fri, 30 Nov 2018 05:56:32 GMT
server
cloudflare
etag
"5c00d110-eaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpltSmPaXVI4KzyorUG4vEdcYDDHhOL7K%2BN4d9ECsZ1oCSnm2VIkdLHatNgm%2B4pKtW%2FOiV3fxD%2B3MRWli5VDwwE7NYmp7hqM320xuqEqUilhdUmWgLdcVXfrxjAEqptaGPQufeUWJz2vLMozD3oU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb6e03e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
map.jpg
img.sci-hub.shop/scihub/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/map.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
599010
alt-svc
h3=":443"; ma=86400
content-length
55605
last-modified
Fri, 30 Nov 2018 05:56:52 GMT
server
cloudflare
etag
"5c00d124-d935"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMP4w2JWKRQu17dSnol3Hnc4jt7R%2BCnammbxYejzTw5vi3uQNFW3EFmuo0FLuAcMLGwlLv83oMMZzQJOKILadu1OGPoHw1GtF5ESqIzXACUNjw9UBQX9GM2IuFh3g4GKMn33dTVrsG3UgKuWeetH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb6f03e0-FRA
expires
Sat, 07 Oct 2023 02:28:37 GMT
about-marker_en.png
img.sci-hub.shop/scihub/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
3361
last-modified
Fri, 30 Nov 2018 05:57:02 GMT
server
cloudflare
etag
"5c00d12e-d21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgdMbV7Y3xdLhKcRJiw6yEoPI9GKQfxFbv%2FqByTEOd9%2BxdMpGEOfUFzranYHXtZcCfXZzdOGu5A1q0Lk3neaxlt8VQlQhwQZulIJ6gnSFBDsgq8Dghhd9n8uC0x1JpHWy92%2Bx3p0sGP7FLr8oLPD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7103e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
quote.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quote.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
1068
last-modified
Fri, 30 Nov 2018 05:57:12 GMT
server
cloudflare
etag
"5c00d138-42c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9us%2B10MXafiQ8jgAZB0lNSNLaevtHdfUKSP%2BGmOYWSehDvOAQ2tR53W1Bn6ABcBR9RPPVMgqwUFPPNR1%2BL%2BzgaxIGkhJPOresgNpiMbSOMWnHP4AocK8K4IoLFxUGH9hMquH5RonlWb4SpJ%2BoAKh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7203e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
quotenext_en.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
1087
last-modified
Fri, 30 Nov 2018 05:57:18 GMT
server
cloudflare
etag
"5c00d13e-43f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe5aDca0nAv266OWwuOJDJXuVl1N3yWznOyMbbcB4c5NPXqtbV1Xl6BRqVYAk6uvNTJ%2BpM%2BklyKvlu7VLBOxtd8r4k9DY9JnC%2FaWz68UawXY%2Bso0Dwyma9bpILQ2P9w8SRC4%2BpuodXLxPzwfmhOM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7303e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
pone.png
img.sci-hub.shop/scihub/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pone.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
1637
last-modified
Fri, 30 Nov 2018 05:57:24 GMT
server
cloudflare
etag
"5c00d144-665"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xO5sLCkH2HmH0lpfz9F%2BFx96CS9sPqToIaAycIwlbC2Tuf207e5S%2FyN8Xqbt7gLrz8%2BB6xqcpvM%2FU0F0veRvF4THtf5HWf3pCeOjVnrpGyLXbEbUsY2gdQkU1a4DVSsLzotWLJd3dpGh%2Fv4J3%2Bg5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7503e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
ptwo.png
img.sci-hub.shop/scihub/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/ptwo.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
3907
last-modified
Fri, 30 Nov 2018 05:57:30 GMT
server
cloudflare
etag
"5c00d14a-f43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnKE18OAcngyvo0USTvVH8B5hbmcmA7MxHUmCiRGhFOvYbdHpnnzlG74DHNmL2c98tbv7YsBFwTtBq8XwBntklo3ZXNB4SFxvHtS2rHnqUwK4GJEOejSOABvZR%2BKt%2BHM%2FHehEGYgJtrdJVuK8oei"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7603e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
pthree.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pthree.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
4278
last-modified
Fri, 30 Nov 2018 05:57:36 GMT
server
cloudflare
etag
"5c00d150-10b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzyuqF1VBEZB5qtwaAvGLAzlOBKsq%2BhPUdxB%2FW5Tg9NpiKtplhSyGRX7FBpIgbIHHv%2F11taM3hkFW5BOyz0gbZ5H44XKnd9jZre7ou5mHqDgABWHRFW5kW3vcXErHIpXRewRmKUppnd4xoRhnCpH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7803e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
people.jpg
img.sci-hub.shop/scihub/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/people.jpg
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
51212
last-modified
Fri, 30 Nov 2018 05:57:56 GMT
server
cloudflare
etag
"5c00d164-c80c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wdk65RfF9NYHc7Jw2kjZ8%2B69yQ63yfZM2IFGXiudQEjv1qiMX7XWHR5q3Pvp4Iss2BqI2QWMZX3t3gPOdM%2BzCF2ImopQhOgT%2BlENDQSUqXXRhFRs6yYKaUPuHFQPLmPdVtXGLILdYXkrLyJLU%2B7q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7a03e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
join_en.png
img.sci-hub.shop/scihub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/join_en.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
6197
last-modified
Fri, 30 Nov 2018 05:58:24 GMT
server
cloudflare
etag
"5c00d180-1835"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ds1WZN4YQ7dPmuNc7ApfJn28eDuWmBGZbYdMqsGkJ2K1t24T232b36Ek3PF9QPx1EqIBf4o3%2FMFiE92PN6gLyZ17mh%2FdcJzAdAr2GuUkKufOTrote8hN6NLeSQCwDU8lWCJs5qjt9uYsGU5%2B1CO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7b03e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
joinvk.png
img.sci-hub.shop/scihub/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinvk.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
17834
last-modified
Fri, 30 Nov 2018 05:58:30 GMT
server
cloudflare
etag
"5c00d186-45aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpwCZidzcvuTsh1PzfSOT7eP4YG%2FVXvYrBe1Hi61LgIqTQNQ0dnoyZIeCkaH92gjHT9QIFNVtae9fylzxP2HqMaatqRRB8tMp4PxwDWYBBqFKNaFv11VE%2F4G%2BifTEel7QA5j%2BMT5R%2FZ1D%2FRWH0xO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7c03e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
jointwitter.png
img.sci-hub.shop/scihub/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/jointwitter.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
5751
last-modified
Fri, 30 Nov 2018 05:58:42 GMT
server
cloudflare
etag
"5c00d192-1677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CKl6aWzb7DWtHF9alKtmkMLapeexDzQfDpwSvO6wlWl9DYrORY%2Fl%2FHPe5t0jHdF%2F8j7WT%2FktqKHOrDj8uFb8HsIIpVuyj04GSXrThhtHjUGkwykMQOiE066NpN%2Balqtvh3nmLMYWHPOKzqFSJFA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7d03e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
joinfacebook.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
598172
alt-svc
h3=":443"; ma=86400
content-length
4152
last-modified
Fri, 30 Nov 2018 05:58:36 GMT
server
cloudflare
etag
"5c00d18c-1038"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZkP8yjts%2BUt4eVAxC17b1xGmQOn22BLy48y%2BtBoLnYabasY%2FXEhERJVxIAcRlj1Dnsnif6stMl7fn0RJNMswiVVLqB8kmzrahnP9SBuwnQchXmmmeTWQWJCCpnIX4mtfAzmJ6nIgT%2FhUNFFKRQ8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8064a542bb7f03e0-FRA
expires
Sat, 07 Oct 2023 02:42:36 GMT
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 		0
0
pluso-like.js
img.sci-hub.shop/scihub/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/pluso-like.js
Requested by
Host: sci-hub.mksa.top
URL: https://sci-hub.mksa.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598172
etag
W/"5c00bef8-a5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5BVjJEXk7gAA8%2BAcph0YdMrlTz3fxnZlvPbGKAS15aVjSQfzGvJxcBdEPrKUveKi84KpsMmuHzsBsTvA3fwHXQqJ6Ym7f6oQkb3PZI0f1sJGl%2BuY4ple80rOglpsvsba41UeHVAM3eGLWUO4S4b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8064a542eb9603e0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Sep 2023 14:42:36 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31077889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbb211e339646ba4ee2699d96c3433dd3a433e11afcceaf27b175def57b9182a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131912
x-xss-protection
0
server
cafe
etag
14271671937304294594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 00:52:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/ Frame 2681 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5200551945029930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5598
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 23:18:51 GMT
etag
8554266389219770021
expires
Wed, 27 Sep 2023 23:18:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		383 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sci-hub.mksa.top&callback=_gfp_s_&client=ca-pub-5200551945029930
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31077889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fbce1c00db4e66c256cc2099e81b3a0894f0f5a10986c7943aa738be03cbf033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2B50 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&adk=1812271804&adf=3025194257&lmt=1694645529&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fsci-hub.mksa.top%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694652728970&bpp=3&bdt=1041&idt=257&shv=r20230912&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5331911583801&frm=20&pv=2&ga_vid=2085854238.1694652729&ga_sid=1694652729&ga_hid=1263993339&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076838%2C31077221%2C42531705%2C42532403%2C31076998%2C31077889&oid=2&pvsid=2275697880803081&tmod=77750729&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31077889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 00:52:09 GMT
expires
Thu, 14 Sep 2023 00:52:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0D6E 		430 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5200551945029930&output=html&h=280&slotname=2711088979&adk=2301864394&adf=2987723014&pi=t.ma~as.2711088979&w=528&fwrn=4&fwrnh=100&lmt=1694645529&rafmt=1&format=528x280&url=https%3A%2F%2Fsci-hub.mksa.top%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694652728973&bpp=1&bdt=1045&idt=273&shv=r20230912&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5331911583801&frm=20&pv=1&ga_vid=2085854238.1694652729&ga_sid=1694652729&ga_hid=1263993339&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076838%2C31077221%2C42531705%2C42532403%2C31076998%2C31077889&oid=2&pvsid=2275697880803081&tmod=77750729&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=iU7LBGG7f2&p=https%3A//sci-hub.mksa.top&dtd=277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31077889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
941e1d584e81c928f7b8d11c97059f19d90c74bdbbe1190d03a9111b8615bae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
204
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 00:52:09 GMT
expires
Thu, 14 Sep 2023 00:52:09 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
process
share.pluso.ru/ 		0
0
process
share.pluso.ru/ 		0
0
hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 00:52:09 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 13 Sep 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Sep 2023 00:52:09 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.mksa.top/;hSci-Hub;1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Tue, 13 Sep 2022 21:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230912&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31077889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c26bdf65bc070dfb4fb97ca496fada0acfd07ae78e6cbbefcad3360086796b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11710
x-xss-protection
0
06.png
share.pluso.ru/img/pluso-like/square/medium/ 		0
0
plus.png
share.pluso.ru/img/ 		0
0
kb.js
kitbit.net/ 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5200551945029930&plah=sci-hub.mksa.top&bust=31077889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 00:52:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7232 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12456
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 21:24:33 GMT
expires
Thu, 12 Sep 2024 21:24:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4CCF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7e47ece3e34ce3414c480728f3de01bf88aed8b60f0c036c1c518263da56bafc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MFqNhk6xljkZtGoyadcjLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sci-hub.mksa.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-MFqNhk6xljkZtGoyadcjLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 00:52:09 GMT
expires
Thu, 14 Sep 2023 00:52:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
pagead2.googlesyndication.com/bg/ Frame 7232 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 09:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
228361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 09:26:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CCF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230912&jk=2275697880803081&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7232 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wjiXYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 00:52:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230912&jk=2275697880803081&bg=!6uml6abNAAa6D61Rmg87ADQBe5WfOEu4qYoP929yl40_uRqECYDACbroXHeSq410DIUICNZLb7AjHKs2nQ-SPLpb6ZwdAgAAAHRSAAAAB2gBBwoAgijro3yzM9Aqz6CCYQbTdnWT-ELQeR6X2N2kcbVYZvWv68hUfIArkdH8cIRvFVty2rReDWL1qRFcuqzLlOPkcMQIAuKLz5UXsGv81sgmoI36ZU_xndK5o-76EBHqBvL9xXC1gN_gOOKNGTPgFHiIWhrJj7oFKMiFxMG-QW03Sgl_4O6ZArRWq58BfWmHWI6hZMjEBWx82a167XuC34vFI1MGWml9ApToh2hGOmq8ChECyh1IZMXaESHZ3ns8_w3U470rEb9YqtVChHaNq2k13NU8mvpSLmcVZnrzX47KK1iqFRUkg8FwLMq2ypTMV7mnru78wNz20lmi0wkHiDKxAG6Q2DCtUCCnjLN4STfa3_fZA93XwOoFJ-SXqTrUMdr3lsYEvJvb9A3fV0Ztfr_29C-7MjhM9aAq7YaF2cIiCAC2IGhrWDLkdh75Js3BCQn0bbl710_MlnpM7q71AnpB8y_fk7oyK_em4GBFk9d45k05WuaDiY6T7zUfVHqgJlMCtecI5IhRXK37qmhJkWUIaPImdveqMPrrtwyBsbR6lmRH_hlq-Q4Fq_yRWst49VH7vIK8JSaiwypEdGLEcs8_Ngv0Fwk5jUHwSkR4iDI9Czfj2D5qdBjzap99yx0VZHBZZUuHMYLj268EZTc_qUvw_vtsl4ewCoUOWG9MuoDr-NNvwAsFAt1FYlHM2ZQxK9rBFaMqAEBEzaevA5Chbhv5niDPA19vi_SJATSfcEZ-8oUrSu0r3p3Vf1POQJBHXqcU9Zd8HKcGKjzpU0UmCxh8gC1t940Ii2W0wRz3vl3trilUTiO22rAmTZOPQuFNCk4oMlNkIo-1mBqBEc1Vtu7Po7sYsZcellY6x37Rr9zgTorG97tOkivRQIlJtPpou0VtqybDL-4E3I30qPiRP5mBeccXVzOTUlvHi8l6BjRKWtygizmzq9-9jLsxd95--H8OxPtRdptCNCzfXhBtrbJnQ6i0mMvV_TPSk2asfjsFo1RNWOk829ixGs7Tddbb7iKZ9U_cfkl6lZ2jwqO5sr2wZjb2HzmC_UHzW69avOW9xYQ67IBoE6YWgfPSXoQrx_J1SZsW6RZIgvoygQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sci-hub.mksa.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sci-hub.shop
URL
https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=6qCpN1PXvxovaTy1&first=1
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=QbaDVfgzkQy54FuM
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/pluso-like/square/medium/06.png
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/plus.png
Domain
kitbit.net
URL
https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go object| adsbygoogle number| ifpluso object| pluso object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| k string| pt object| s object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.mksa.top/ Name: __gads
Value: ID=7928bf9841a7e775-22ba59076fde002e:T=1694652729:RT=1694652729:S=ALNI_MZLzVoalIzBAqA1Fcv6u0oc3o0K9w
.mksa.top/ Name: __gpi
Value: UID=00000c745b5a7a06:T=1694652729:RT=1694652729:S=ALNI_MashBLPt9f-N9aMkQkpWPTmrDdKog
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yadro.ru/ Name: FTID
Value: 1b0bav1kEoue1b0bav0021uo
.yadro.ru/ Name: VID
Value: 1uyxkA070eee1b0bav0021vE

6 Console Messages

Source Level URL
Text
javascript error URL: https://sci-hub.mksa.top/
Message:
Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.mksa.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=6qCpN1PXvxovaTy1&first=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.mksa.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=QbaDVfgzkQy54FuM
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://share.pluso.ru/img/pluso-like/square/medium/06.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://share.pluso.ru/img/plus.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
googleads.g.doubleclick.net
img.sci-hub.shop
kitbit.net
pagead2.googlesyndication.com
partner.googleadservices.com
sci-hub.mksa.top
sci-hub.wikicn.top
share.pluso.ru
tpc.googlesyndication.com
www.google.com
img.sci-hub.shop
kitbit.net
share.pluso.ru
2606:4700:3031::6815:1e4
2606:4700:3031::6815:4958
2606:4700:3033::ac43:a162
2a00:1450:4001:803::2002
2a00:1450:4001:803::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
88.212.201.204
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5c26bdf65bc070dfb4fb97ca496fada0acfd07ae78e6cbbefcad3360086796b8
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7d9be8bca8e99d3e4df920b526377cdc77fe018083325fa9ca149dd4844b7b28
7e47ece3e34ce3414c480728f3de01bf88aed8b60f0c036c1c518263da56bafc
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86d55b6e98888c8c66f187af1c6e564280f246278dcf69a4660314c2f9080db7
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
941e1d584e81c928f7b8d11c97059f19d90c74bdbbe1190d03a9111b8615bae9
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
bbb211e339646ba4ee2699d96c3433dd3a433e11afcceaf27b175def57b9182a
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbce1c00db4e66c256cc2099e81b3a0894f0f5a10986c7943aa738be03cbf033
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28