sci-hub.ee
2606:4700:3032::6815:a85
Malicious Activity!
Public Scan
Submission Tags: falconsandbox
Submission: On February 28 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2022. Valid for: a year.
This is the only time sci-hub.ee was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sci-Hub (Consumer)
Domain & IP information
AS | PTR | Domains
---|---|---
ASN15169 (GOOGLE, US) | | pagead2.googlesyndication.com
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net; adservice.google.com
ASN15169 (GOOGLE, US) | | partner.googleadservices.com
ASN15169 (GOOGLE, US) | | tpc.googlesyndication.com
ASN15169 (GOOGLE, US) | | www.googletagservices.com
ASN13335 (CLOUDFLARENET, US) | | a.tribalfusion.com; s.tribalfusion.com
ASN16509 (AMAZON-02, US) | a12b7a488abeaa9e4.awsglobalaccelerator.com | match.adsrvr.org
ASN16509 (AMAZON-02, US) | | pr-bh.ybp.yahoo.com
ASN15169 (GOOGLE, US) | fra02s19-in-f2.1e100.net | cm.g.doubleclick.net
ASN26120 (RHYTHMONE, US) | | sync.1rx.io; sync.targeting.unrulymedia.com
ASN15169 (GOOGLE, US) | 68.174.244.35.bc.googleusercontent.com | id.rlcdn.com
ASN15169 (GOOGLE, US) | 103.252.227.35.bc.googleusercontent.com | rtb.openx.net
ASN26667 (RUBICONPROJECT, US) | | pixel.rubiconproject.com
ASN16509 (AMAZON-02, US) | | ag.innovid.com
ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE) | dsp.adfarm1.adition.com | dsp.adfarm1.adition.com
ASN16509 (AMAZON-02, US) | ec2-3-127-31-230.eu-central-1.compute.amazonaws.com | x.bidswitch.net
ASN16509 (AMAZON-02, US) | ec2-63-32-244-117.eu-west-1.compute.amazonaws.com | match.360yield.com
ASN15169 (GOOGLE, US) | wa-in-f157.1e100.net | bid.g.doubleclick.net
ASN15169 (GOOGLE, US) | | r1---sn-4g5edndy.c.2mdn.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
39 | criteo.net | static.criteo.net (Cisco Umbrella Rank: 625); pix.eu.criteo.net (Cisco Umbrella Rank: 7936); csm.eu.criteo.net (Cisco Umbrella Rank: 8487) | 473 KB
28 | doubleclick.net (1 redirects) | googleads.g.doubleclick.net (Cisco Umbrella Rank: 35); cm.g.doubleclick.net (Cisco Umbrella Rank: 202); bid.g.doubleclick.net (Cisco Umbrella Rank: 703) | 83 KB
28 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 102); tpc.googlesyndication.com (Cisco Umbrella Rank: 140) | 292 KB
21 | sci-hub.shop | img.sci-hub.shop (Cisco Umbrella Rank: 351743) | 584 KB
9 | criteo.com | rtb.fr.eu.criteo.com (Cisco Umbrella Rank: 15753); ads.eu.criteo.com (Cisco Umbrella Rank: 8414); rtb.nl3.eu.criteo.com (Cisco Umbrella Rank: 13386); cat.fr.eu.criteo.com (Cisco Umbrella Rank: 9640) | 127 KB
6 | gstatic.com | csi.gstatic.com; fonts.gstatic.com | 32 KB
6 | google.com | adservice.google.com (Cisco Umbrella Rank: 73); www.google.com (Cisco Umbrella Rank: 2) | 1 KB
3 | 2mdn.net (1 redirects) | gcdn.2mdn.net (Cisco Umbrella Rank: 1090); r1---sn-4g5edndy.c.2mdn.net (Cisco Umbrella Rank: 674548) | 951 B
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 36); imasdk.googleapis.com (Cisco Umbrella Rank: 442) | 133 KB
3 | onetag-sys.com (2 redirects) | onetag-sys.com (Cisco Umbrella Rank: 712) | 827 B
3 | adform.net (3 redirects) | c1.adform.net (Cisco Umbrella Rank: 590) | 2 KB
3 | googletagservices.com | www.googletagservices.com (Cisco Umbrella Rank: 183) | 145 KB
2 | yadro.ru (1 redirects) | counter.yadro.ru (Cisco Umbrella Rank: 9857) | 1 KB
2 | 360yield.com (2 redirects) | match.360yield.com (Cisco Umbrella Rank: 2292) | 794 B
2 | bidswitch.net (2 redirects) | x.bidswitch.net (Cisco Umbrella Rank: 277) | 1 KB
2 | casalemedia.com (2 redirects) | ssum-sec.casalemedia.com (Cisco Umbrella Rank: 431) | 2 KB
2 | pubmatic.com (2 redirects) | image6.pubmatic.com (Cisco Umbrella Rank: 725) | 1 KB
2 | 1rx.io (2 redirects) | sync.1rx.io (Cisco Umbrella Rank: 510) | 2 KB
2 | yahoo.com (2 redirects) | pr-bh.ybp.yahoo.com (Cisco Umbrella Rank: 439) | 1 KB
2 | tribalfusion.com (1 redirects) | a.tribalfusion.com (Cisco Umbrella Rank: 741); s.tribalfusion.com (Cisco Umbrella Rank: 1813) | 1 KB
2 | google.de | adservice.google.de (Cisco Umbrella Rank: 8947) | 696 B
1 | adition.com (1 redirects) | dsp.adfarm1.adition.com (Cisco Umbrella Rank: 1398) | 587 B
1 | sitescout.com | pixel-sync.sitescout.com (Cisco Umbrella Rank: 596) | 191 B
1 | innovid.com | ag.innovid.com (Cisco Umbrella Rank: 1794) | 297 B
1 | rubiconproject.com (1 redirects) | pixel.rubiconproject.com (Cisco Umbrella Rank: 313) | 457 B
1 | openx.net | rtb.openx.net (Cisco Umbrella Rank: 1367) | 350 B
1 | rlcdn.com | id.rlcdn.com (Cisco Umbrella Rank: 614) | 98 B
1 | quantserve.com | cms.quantserve.com (Cisco Umbrella Rank: 654) | 464 B
1 | unrulymedia.com (1 redirects) | sync.targeting.unrulymedia.com (Cisco Umbrella Rank: 957) | 573 B
1 | adsrvr.org | match.adsrvr.org (Cisco Umbrella Rank: 296) | 265 B
1 | dotomi.com | dclk-match.dotomi.com (Cisco Umbrella Rank: 2856) | 104 B
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 855) | 600 B
1 | sci-hub.ee | sci-hub.ee | 7 KB
0 | kitbit.net (Failed) | kitbit.net (Failed) |
0 | pluso.ru (Failed) | share.pluso.ru (Failed) |
164 | 35 | |
Requests | Domain | Requested by
---|---|---
21 | static.criteo.net | ads.eu.criteo.com
21 | img.sci-hub.shop | sci-hub.ee
16 | cm.g.doubleclick.net (1 redirects) | googleads.g.doubleclick.net
15 | pagead2.googlesyndication.com | sci-hub.ee; pagead2.googlesyndication.com; googleads.g.doubleclick.net; tpc.googlesyndication.com
13 | tpc.googlesyndication.com | googleads.g.doubleclick.net; imasdk.googleapis.com; tpc.googlesyndication.com; pagead2.googlesyndication.com
12 | pix.eu.criteo.net | ads.eu.criteo.com
11 | googleads.g.doubleclick.net | pagead2.googlesyndication.com; googleads.g.doubleclick.net; sci-hub.ee
6 | csm.eu.criteo.net | ads.eu.criteo.com
4 | csi.gstatic.com | imasdk.googleapis.com
4 | www.google.com | googleads.g.doubleclick.net; tpc.googlesyndication.com
3 | cat.fr.eu.criteo.com | ads.eu.criteo.com
3 | onetag-sys.com (2 redirects) | googleads.g.doubleclick.net
3 | c1.adform.net (3 redirects) |
3 | ads.eu.criteo.com | googleads.g.doubleclick.net
3 | www.googletagservices.com | googleads.g.doubleclick.net
2 | r1---sn-4g5edndy.c.2mdn.net |
2 | counter.yadro.ru (1 redirects) |
2 | fonts.gstatic.com | fonts.googleapis.com
2 | match.360yield.com (2 redirects) |
2 | x.bidswitch.net (2 redirects) |
2 | imasdk.googleapis.com | googleads.g.doubleclick.net
2 | ssum-sec.casalemedia.com (2 redirects) |
2 | image6.pubmatic.com (2 redirects) |
2 | sync.1rx.io (2 redirects) |
2 | pr-bh.ybp.yahoo.com (2 redirects) |
2 | rtb.fr.eu.criteo.com | googleads.g.doubleclick.net
2 | adservice.google.com | pagead2.googlesyndication.com
2 | adservice.google.de | pagead2.googlesyndication.com
1 | gcdn.2mdn.net (1 redirects) |
1 | bid.g.doubleclick.net | imasdk.googleapis.com
1 | dsp.adfarm1.adition.com (1 redirects) |
1 | pixel-sync.sitescout.com | googleads.g.doubleclick.net
1 | rtb.nl3.eu.criteo.com | googleads.g.doubleclick.net
1 | fonts.googleapis.com | googleads.g.doubleclick.net
1 | ag.innovid.com | googleads.g.doubleclick.net
1 | pixel.rubiconproject.com (1 redirects) |
1 | rtb.openx.net | googleads.g.doubleclick.net
1 | id.rlcdn.com | googleads.g.doubleclick.net
1 | cms.quantserve.com | googleads.g.doubleclick.net
1 | sync.targeting.unrulymedia.com (1 redirects) |
1 | match.adsrvr.org | googleads.g.doubleclick.net
1 | s.tribalfusion.com | googleads.g.doubleclick.net
1 | a.tribalfusion.com (1 redirects) |
1 | dclk-match.dotomi.com | googleads.g.doubleclick.net
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | sci-hub.ee |
0 | kitbit.net (Failed) | img.sci-hub.shop
0 | share.pluso.ru (Failed) | img.sci-hub.shop
164 | 48 |
This site contains links to these domains. Also see Links.
Domain |
---|
pluso.ru |
vk.com |
twitter.com |
www.facebook.com |
Subject | Issuer | Validity | Valid
---|---|---|---
sci-hub.ee | Cloudflare Inc ECC CA-3 | 2022-10-22 - 2023-10-22 | a year
sci-hub.shop | Cloudflare Inc ECC CA-3 | 2022-05-23 - 2023-05-23 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.google.de | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
www.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.fr.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-18 - 2023-05-20 | 3 months
*.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-12-22 - 2023-03-26 | 3 months
*.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2022-08-09 - 2023-09-10 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-08-09 - 2023-09-09 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-02 - 2024-03-03 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2022-07-21 - 2023-08-21 | a year
*.innovid.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-03-15 - 2023-04-15 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.nl3.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-04 - 2023-04-05 | 3 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-13 - 2023-04-15 | 3 months
*.eu.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-13 - 2023-04-17 | 3 months
*.sitescout.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-01-09 - 2024-02-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.c.docs.google.com | GTS CA 1C3 | 2023-02-07 - 2023-04-18 | 2 months
This page contains 17 frames:
Primary Page:
https://sci-hub.ee/
Frame ID: FAB8F375E9C5F2E85C2AC28050996699
Requests: 42 HTTP requests in this frame
Page Title
sci-hub proxy search links
Detected technologies
DoubleClick Campaign Manager (DCM) (Advertising Networks)
Detected patterns
- 2mdn\.net
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
- 2mdn\.net
OpenX (Advertising Networks)
Detected patterns
- https?://[^/]*\.openx\.net
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
- https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
- https://gcdn.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/65D67AA869028178B3D9DC96ADBFFDDFE0727791.3184E4810BA62D8784EA6E970A82C3847656634C/key/ck2/file/file.mp4 HTTP 302
- https://r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13E50141EB0357037436C611723767F410760C54.5F53ABCD2977D60F24C99C70559789823872E2E8/key/cms1/cms_redirect/yes/mh/o0/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edndy/ms/onc/mt/1677589583/mv/u/mvi/1/pl/29/file/file.mp4
164 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
sci-hub.ee/ |
27 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
img.sci-hub.shop/scihub/ |
248 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openapi.js
img.sci-hub.shop/scihub/ |
94 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
medal.png
img.sci-hub.shop/scihub/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
key_1.png
img.sci-hub.shop/scihub/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
145 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
top-back.jpg
img.sci-hub.shop/scihub/ |
184 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_en.png
img.sci-hub.shop/scihub/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
raven_1.png
img.sci-hub.shop/scihub/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
map.jpg
img.sci-hub.shop/scihub/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
about-marker_en.png
img.sci-hub.shop/scihub/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
quote.png
img.sci-hub.shop/scihub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
quotenext_en.png
img.sci-hub.shop/scihub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pone.png
img.sci-hub.shop/scihub/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ptwo.png
img.sci-hub.shop/scihub/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pthree.png
img.sci-hub.shop/scihub/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
people.jpg
img.sci-hub.shop/scihub/ |
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
join_en.png
img.sci-hub.shop/scihub/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
joinvk.png
img.sci-hub.shop/scihub/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jointwitter.png
img.sci-hub.shop/scihub/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
joinfacebook.png
img.sci-hub.shop/scihub/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pluso-like.js
img.sci-hub.shop/scihub/ |
41 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ |
366 KB 121 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230223/r20190131/ Frame D112 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
387 B 600 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 531 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 456 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4681 |
72 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame CB48 |
2 KB 664 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 165 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 165 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 67EB |
26 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 5BE2 |
26 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 6817 |
430 B 230 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 7F7D |
26 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 5BE2 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 5BE2 |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame 5BE2 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5BE2 |
158 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 5BE2 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5BE2 |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
afr.php
ads.eu.criteo.com/delivery/r/ Frame A385 |
119 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C117 |
1 KB 643 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7F7D |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 7F7D |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame 7F7D |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F7D |
158 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 7F7D |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7F7D |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
afr.php
ads.eu.criteo.com/delivery/r/ Frame C22B |
120 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 450C |
1 KB 643 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
current
dclk-match.dotomi.com/match/bounce/ Frame C117 |
0 104 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i.match
s.tribalfusion.com/z/ Frame C117 Redirect Chain
|
43 B 412 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google
match.adsrvr.org/track/cmf/ Frame C117 |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame C117 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame C117 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame C117 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
onetag-sys.com/match/ Frame C117 Redirect Chain
|
0 151 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attr
cm.g.doubleclick.net/pixel/ Frame C117 |
0 130 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpixel
cms.quantserve.com/ Frame 450C |
35 B 464 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
466606.gif
id.rlcdn.com/ Frame 450C |
0 98 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dds
rtb.openx.net/sync/ Frame 450C |
43 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 450C Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 450C Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 450C Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trk
ag.innovid.com/ Frame 450C |
43 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
attr
cm.g.doubleclick.net/pixel/ Frame 450C |
0 40 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/ Frame 4681 |
22 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 4681 |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/ Frame 4681 |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230213_RC00/ Frame 4681 |
378 KB 129 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 4681 |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 67EB |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 67EB |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame 67EB |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67EB |
158 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 5BE2 |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 7F7D |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 67EB |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 67EB |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
afr.php
ads.eu.criteo.com/delivery/r/ Frame CC5E |
116 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B76F |
1 KB 643 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
privacy_small.svg
static.criteo.net/flash/icon/ Frame C22B |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C22B |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close_button.svg
static.criteo.net/flash/icon/ Frame C22B |
308 B 636 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back_button2.svg
static.criteo.net/flash/icon/ Frame C22B |
293 B 621 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lg.php
cat.fr.eu.criteo.com/delivery/ Frame C22B |
43 B 348 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 67EB |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animejs.js
static.criteo.net/animejs/ Frame C22B |
12 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
privacy_small.svg
static.criteo.net/flash/icon/ Frame A385 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A385 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close_button.svg
static.criteo.net/flash/icon/ Frame A385 |
308 B 636 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back_button2.svg
static.criteo.net/flash/icon/ Frame A385 |
293 B 621 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lg.php
cat.fr.eu.criteo.com/delivery/ Frame A385 |
43 B 347 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
pix.eu.criteo.net/img/ Frame C22B |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img
pix.eu.criteo.net/img/ Frame C22B |
37 KB 37 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
all
csm.eu.criteo.net/ Frame C22B |
0 127 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C22B |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
privacy.svg
static.criteo.net/flash/icon/ Frame C22B |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
privacy_small.svg
static.criteo.net/flash/icon/ Frame CC5E |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CC5E |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close_button.svg
static.criteo.net/flash/icon/ Frame CC5E |
308 B 636 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
back_button2.svg
static.criteo.net/flash/icon/ Frame CC5E |
293 B 621 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lg.php
cat.fr.eu.criteo.com/delivery/ Frame CC5E |
43 B 347 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animejs.js
static.criteo.net/animejs/ Frame A385 |
12 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B76F |
0 191 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B76F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B76F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B76F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B76F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B76F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B76F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
attr
cm.g.doubleclick.net/pixel/ Frame B76F |
0 12 B |
Image
text/html |
GET H2 |
animejs.js
static.criteo.net/animejs/ Frame CC5E |
12 KB 6 KB |
Script
text/javascript |
GET H2 |
img
pix.eu.criteo.net/img/ Frame A385 |
35 KB 36 KB |
Image
image/png |
GET H2 |
img
pix.eu.criteo.net/img/ Frame A385 |
37 KB 37 KB |
Image
image/webp |
POST H2 |
all
csm.eu.criteo.net/ Frame A385 |
0 128 B |
Ping
text/plain |
GET H2 |
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A385 |
2 KB 1 KB |
Image
image/svg+xml |
GET H2 |
privacy.svg
static.criteo.net/flash/icon/ Frame A385 |
2 KB 1 KB |
Image
image/svg+xml |
GET H2 |
img
pix.eu.criteo.net/img/ Frame CC5E |
35 KB 36 KB |
Image
image/png |
GET H2 |
img
pix.eu.criteo.net/img/ Frame CC5E |
37 KB 37 KB |
Image
image/webp |
POST H2 |
all
csm.eu.criteo.net/ Frame CC5E |
0 127 B |
Ping
text/plain |
GET H2 |
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CC5E |
2 KB 1 KB |
Image
image/svg+xml |
GET H2 |
privacy.svg
static.criteo.net/flash/icon/ Frame CC5E |
2 KB 1 KB |
Image
image/svg+xml |
POST H2 |
csi
csi.gstatic.com/ Frame 4681 |
0 234 B |
Ping
image/gif |
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4681 |
15 KB 16 KB |
Font
font/woff2 |
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4681 |
15 KB 15 KB |
Font
font/woff2 |
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4681 |
0 20 B |
Image
image/gif |
POST H2 |
csi
csi.gstatic.com/ Frame 4681 |
0 45 B |
Ping
image/gif |
GET H2 |
vast
bid.g.doubleclick.net/dbm/ Frame 4681 |
28 KB 16 KB |
XHR
text/xml |
GET DATA |
truncated
/ Frame 4681 |
215 B 0 |
Image
image/png |
GET H2 |
img
pix.eu.criteo.net/img/ Frame C22B |
35 KB 36 KB |
Image
image/png |
GET H2 |
img
pix.eu.criteo.net/img/ Frame C22B |
37 KB 37 KB |
Image
image/webp |
GET H2 |
img
pix.eu.criteo.net/img/ Frame A385 |
35 KB 36 KB |
Image
image/png |
GET H2 |
img
pix.eu.criteo.net/img/ Frame A385 |
37 KB 37 KB |
Image
image/webp |
GET H2 |
img
pix.eu.criteo.net/img/ Frame CC5E |
35 KB 36 KB |
Image
image/png |
GET H2 |
img
pix.eu.criteo.net/img/ Frame CC5E |
37 KB 37 KB |
Image
image/webp |
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 4681 |
0 18 B |
Image
text/html |
GET |
process
share.pluso.ru/ |
0 0 |
GET |
process
share.pluso.ru/ |
0 0 |
GET H/1.1 |
hit;PLUSO
counter.yadro.ru/ Redirect Chain
|
43 B 528 B |
Image
image/gif |
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
15 KB 11 KB |
XHR
application/json |
GET |
06.png
share.pluso.ru/img/pluso-like/square/medium/ |
0 0 |
GET |
plus.png
share.pluso.ru/img/ |
0 0 |
POST H2 |
csi
csi.gstatic.com/ Frame 4681 |
0 54 B |
Ping
image/gif |
GET H3 |
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 4681 |
41 KB 15 KB |
Script
text/javascript |
HEAD H/1.1 |
file.mp4
r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4681 Redirect Chain
|
0 0 |
Fetch
video/mp4 |
GET |
kb.js
kitbit.net/ |
0 0 |
GET H3 |
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 97E5 |
23 KB 9 KB |
Document
text/html |
GET H3 |
ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
pagead2.googlesyndication.com/bg/ Frame 97E5 |
36 KB 14 KB |
Script
text/javascript |
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCFC |
13 KB 5 KB |
Document
text/html |
GET H3 |
aframe
www.google.com/recaptcha/api2/ Frame BE75 |
783 B 534 B |
Document
text/html |
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame BE75 |
0 0 |
Image
text/html |
GET H3 |
6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame CCFC |
36 KB 14 KB |
Script
text/javascript |
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97E5 |
0 20 B |
Image
image/gif |
GET H3 |
file.mp4
r1---sn-4g5edndy.c.2mdn.net/videoplayback/id/b878286ba704a8ba/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1709126141/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4681 |
167 KB 0 |
Media
video/mp4 |
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame CCFC |
0 10 B |
Image
text/plain |
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
POST H3 |
csi
csi.gstatic.com/ Frame 4681 |
0 17 B |
Ping
image/gif |
POST H2 |
all
csm.eu.criteo.net/ Frame C22B |
0 127 B |
Ping
text/plain |
POST H2 |
all
csm.eu.criteo.net/ Frame C22B |
0 127 B |
Ping
text/plain |
POST H2 |
all
csm.eu.criteo.net/ Frame A385 |
0 127 B |
Ping
text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: img.sci-hub.shop
  URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
- Domain: share.pluso.ru
  URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=JsAn5MS5dPkmiI1C&first=1
- Domain: share.pluso.ru
  URL: https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=IskV1XZigUguIvcV
- Domain: share.pluso.ru
  URL: https://share.pluso.ru/img/pluso-like/square/medium/06.png
- Domain: share.pluso.ru
  URL: https://share.pluso.ru/img/plus.png
- Domain: kitbit.net
  URL: https://kitbit.net/kb.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sci-Hub (Consumer)
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
object| 7
boolean| credentialless
function| $
function| jQuery
function| obj2qs
object| fastXDM
object| VK
function| slideQuote
function| colorMenu
function| go
object| adsbygoogle
number| ifpluso
object| pluso
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
number| tmod
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
boolean| google_measure_js_timing
object| google_tag_data
object| google_reactive_ads_global_state
boolean| _gfp_a_
object| google_sa_queue
function| google_process_slots
boolean| google_apltlad
function| google_spfd
number| google_lpabyc
number| google_unique_id
object| google_sv_map
object| google_ama_state
number| google_rum_task_id_counter
string| google_user_agent_client_hint
function| google_sa_impl
object| googleToken
object| googleIMState
boolean| _gfp_p_
function| processGoogleToken
number| google_global_correlator
object| google_prev_clients
object| gaGlobal
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| google_image_requests
object| googletag
object| k
string| pt
object| s
object| GoogleGcLKhOms
26 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sci-hub.ee/ | | Name: __gads Value: ID=4b81ca31c7a681ec-227472f52fdd00d5:T=1677590140:RT=1677590140:S=ALNI_MbiZqSUWgMKrNKYd69cnO_eco9xNQ |
.sci-hub.ee/ | | Name: __gpi Value: UID=00000bbd2ee3f397:T=1677590140:RT=1677590140:S=ALNI_Maq719N4hB3Y3g-ZnIZcUzsn-CB6Q |
.doubleclick.net/ | | Name: IDE Value: AHWqTUnFSaBTQIbatXuAP-KTXIevYpff3XDrE5sKz8ndxHXfLm2sNNxUh4d-Q1LIgZg |
.adform.net/ | | Name: C Value: 1 |
.quantserve.com/ | | Name: d Value: EAMBCQGzKIEA |
.quantserve.com/ | | Name: mc Value: 63fdfe7d-11fb5-f219b-521d6 |
.yahoo.com/ | | Name: A3 Value: d=AQABBH3-_WMCEKMSYibmk3D-mJ9i1nbeBPgFEgEBAQFP_2MHZAAAAAAA_eMAAA&S=AQAAAqomUC7UCqhPf4RimKc7fl0 |
.pubmatic.com/ | | Name: KTPCACOOKIE Value: YES |
.1rx.io/ | | Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3eed61f0-9e3e-4ecb-8299-14bcdfb741b2-003%22%7D |
.casalemedia.com/ | | Name: CMID Value: Y-3.fXKg8lNWE4tw2KwOkwAA |
.casalemedia.com/ | | Name: CMPS Value: 2162 |
.casalemedia.com/ | | Name: CMPRO Value: 2162 |
.adform.net/ | | Name: uid Value: 4234959423832040675 |
.pubmatic.com/ | | Name: KADUSERCOOKIE Value: D64C1E30-B37D-45AD-AEF7-88FF758387D0 |
.targeting.unrulymedia.com/ | | Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3eed61f0-9e3e-4ecb-8299-14bcdfb741b2-003%22%7D |
.innovid.com/ | | Name: uuid Value: 886fd7de-e793-4eb2-b330-420253a3db3d-20230228 08:15:41 |
.adfarm1.adition.com/ | | Name: UserID1 Value: 7205194791698299034 |
.bidswitch.net/ | | Name: tuuid Value: cac45f07-038e-41f4-8b60-1c97f511101d |
.bidswitch.net/ | | Name: c Value: 1677590141 |
.bidswitch.net/ | | Name: tuuid_lu Value: 1677590141 |
.360yield.com/ | | Name: tuuid Value: 9aa803cd-ddf5-487a-b8f7-6cdd55f52948 |
.360yield.com/ | | Name: tuuid_lu Value: 1677590141 |
.bidswitch.net/ | | Name: google_push Value: Aa02lx9DEgyPho90VRZbEENv3pyEgn6PQNlaVOZ44aohxmxyyuX7Xlblyp60FL2cPNCf3KHOlfMSdd0cCt1cO5CAdIqTI0N_j5R_xg |
.tribalfusion.com/ | | Name: ANON_ID Value: ainseFt3er66AxvPAB90eMr4YMJl2Zb7ibKBcVgZcrx5a1fWXwOeqU7AvuCcZaYZc9DYl7YAsJNQkY1bvPmieWls |
.yadro.ru/ | | Name: FTID Value: 1Z_Vvz3ij3eV1Z_Vvz003LCc |
.yadro.ru/ | | Name: VID Value: 1dQyDB23JpuV1Z_Vvz003LDg |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.