sci-hub.cc
Open in
urlscan Pro
2400:cb00:2048:1::6812:3b3f
Malicious Activity!
Public Scan
Submission: On October 27 via manual from NL
Summary
This is the only time sci-hub.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sci-Hub (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 2400:cb00:204... 2400:cb00:2048:1::6812:3b3f | 13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare) | |
2 | 198.232.125.113 198.232.125.113 | 3257 (GTT-BACKB...) (GTT-BACKBONE GTT) | |
1 2 | 95.213.4.234 95.213.4.234 | 47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com) | |
1 5 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
2 | 31.131.252.91 31.131.252.91 | 49505 (SELECTEL) (SELECTEL) | |
3 | 31.131.252.90 31.131.252.90 | 49505 (SELECTEL) (SELECTEL) | |
1 2 | 88.212.201.194 88.212.201.194 | 39134 (UNITEDNET) (UNITEDNET) | |
3 | 31.131.252.94 31.131.252.94 | 49505 (SELECTEL) (SELECTEL) | |
4 6 | 188.42.131.52 188.42.131.52 | 7979 (SERVERS) (SERVERS - Servers.com) | |
3 | 185.15.175.135 185.15.175.135 | 43226 (SAFEDATA ...) (SAFEDATA Uplinks) | |
2 2 | 148.251.76.230 148.251.76.230 | 24940 (HETZNER-AS) (HETZNER-AS) | |
4 6 | 185.15.175.133 185.15.175.133 | 43226 (SAFEDATA ...) (SAFEDATA Uplinks) | |
1 1 | 23.111.31.228 23.111.31.228 | 7979 (SERVERS) (SERVERS - Servers.com) | |
2 2 | 185.15.175.131 185.15.175.131 | 43226 (SAFEDATA ...) (SAFEDATA Uplinks) | |
1 1 | 138.201.8.33 138.201.8.33 | 24940 (HETZNER-AS) (HETZNER-AS) | |
5 5 | 172.217.22.66 172.217.22.66 | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
2 3 | 35.157.112.200 35.157.112.200 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 136.243.131.40 136.243.131.40 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 1 | 88.212.246.68 88.212.246.68 | 7979 (SERVERS) (SERVERS - Servers.com) | |
46 | 14 |
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
sci-hub.cc |
ASN3257 (GTT-BACKBONE GTT, DE)
PTR: 113-125-232-198.static.unitasglobal.net
code.jquery.com |
ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv234-4-213-95.vk.com
userapi.com |
ASN7979 (SERVERS - Servers.com, Inc., US)
PTR: prod-sceu-facetz-lba-1.dca-ops.tech
front.facetz.net |
ASN24940 (HETZNER-AS, DE)
PTR: static.230.76.251.148.clients.your-server.de
cm.p.altergeo.ru |
ASN24940 (HETZNER-AS, DE)
PTR: static.33.8.201.138.clients.your-server.de
amberdata-sync.rutarget.ru |
ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s17-in-f66.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-112-200.eu-central-1.compute.amazonaws.com
ps.eyeota.net |
ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-facetz-lba-1.dca-ops.tech
front.facetz.net |
ASN7979 (SERVERS - Servers.com, Inc., US)
PTR: prod-scru-openstat-forwarder-4.dca-ops.tech
openstat.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
sci-hub.cc
sci-hub.cc |
462 KB |
11 |
digitaltarget.ru
6 redirects
tag.digitaltarget.ru dmg.digitaltarget.ru |
12 KB |
7 |
facetz.net
4 redirects
front.facetz.net |
6 KB |
5 |
doubleclick.net
5 redirects
cm.g.doubleclick.net |
2 KB |
5 |
pluso.ru
share.pluso.ru |
39 KB |
5 |
yandex.ru
1 redirects
mc.yandex.ru |
32 KB |
3 |
eyeota.net
2 redirects
ps.eyeota.net |
663 B |
3 |
kitbit.net
kitbit.net |
1 KB |
2 |
altergeo.ru
2 redirects
cm.p.altergeo.ru |
1 KB |
2 |
yadro.ru
1 redirects
counter.yadro.ru |
561 B |
2 |
userapi.com
1 redirects
userapi.com |
26 KB |
2 |
jquery.com
code.jquery.com |
116 KB |
1 |
openstat.net
1 redirects
openstat.net |
472 B |
1 |
rutarget.ru
1 redirects
amberdata-sync.rutarget.ru |
402 B |
1 |
omnidsp.com
1 redirects
sync.omnidsp.com |
347 B |
0 |
exe.bid
Failed
profile-eu.exe.bid Failed |
|
46 | 16 |
Domain | Requested by | |
---|---|---|
19 | sci-hub.cc |
sci-hub.cc
|
8 | dmg.digitaltarget.ru | 6 redirects |
7 | front.facetz.net |
4 redirects
share.pluso.ru
front.facetz.net |
5 | cm.g.doubleclick.net | 5 redirects |
5 | share.pluso.ru |
sci-hub.cc
share.pluso.ru |
5 | mc.yandex.ru |
1 redirects
sci-hub.cc
|
3 | ps.eyeota.net | 2 redirects |
3 | tag.digitaltarget.ru |
kitbit.net
tag.digitaltarget.ru |
3 | kitbit.net |
share.pluso.ru
kitbit.net |
2 | cm.p.altergeo.ru | 2 redirects |
2 | counter.yadro.ru | 1 redirects |
2 | userapi.com |
1 redirects
sci-hub.cc
|
2 | code.jquery.com |
sci-hub.cc
|
1 | openstat.net | 1 redirects |
1 | amberdata-sync.rutarget.ru | 1 redirects |
1 | sync.omnidsp.com | 1 redirects |
0 | profile-eu.exe.bid Failed |
front.facetz.net
|
46 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
sci-hub.io |
pluso.ru |
vk.com |
twitter.com |
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.userapi.com GlobalSign Organization Validation CA - SHA256 - G2 |
2017-06-14 - 2018-06-15 |
a year | crt.sh |
bs.yandex.ru Yandex CA |
2015-12-16 - 2017-12-15 |
2 years | crt.sh |
tag.digitaltarget.ru Let's Encrypt Authority X3 |
2017-09-28 - 2017-12-27 |
3 months | crt.sh |
dmg.digitaltarget.ru Let's Encrypt Authority X3 |
2017-09-28 - 2017-12-27 |
3 months | crt.sh |
COMODO RSA Domain Validation Secure Server CA |
2016-02-10 - 2018-02-09 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
http://sci-hub.cc/
Frame ID: 9778.1
Requests: 44 HTTP requests in this frame
Frame:
http://front.facetz.net/crossd_pluso_iframe.html
Frame ID: 9778.2
Requests: 1 HTTP requests in this frame
Frame:
http://profile-eu.exe.bid/sandbox/
Frame ID: 9778.3
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /cloudflare/i
Yandex.Metrika (Analytics) Expand
Detected patterns
- script /mc\.yandex\.ru\/metrika\/watch\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- http://userapi.com/js/api/openapi.js?49 HTTP 301
- https://userapi.com/js/api/openapi.js?49
- https://mc.yandex.ru/watch/10183018?wmode=7&page-url=http%3A%2F%2Fsci-hub.cc%2F&ut=noindex&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20171027171547%3Aet%3A1509124548%3Aen%3Autf-8%3Av%3A904%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1068301509%3Ahid%3A1024657193%3Ads%3A1%2C5%2C464%2C1%2C0%2C0%2C0%2C825%2C1%2C%2C%2C%2C1295%3Ast%3A1509124548%3Au%3A1509124548793730890%3At%3ASci-Hub%3A%20removing%20barriers%20in%20the%20way%20of%20science HTTP 302
- https://mc.yandex.ru/watch/10183018/1?wmode=7&page-url=http%3A%2F%2Fsci-hub.cc%2F&ut=noindex&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20171027171547%3Aet%3A1509124548%3Aen%3Autf-8%3Av%3A904%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1068301509%3Ahid%3A1024657193%3Ads%3A1%2C5%2C464%2C1%2C0%2C0%2C0%2C825%2C1%2C%2C%2C%2C1295%3Ast%3A1509124548%3Au%3A1509124548793730890%3At%3ASci-Hub%3A%20removing%20barriers%20in%20the%20way%20of%20science
- http://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//sci-hub.cc/;hSci-Hub%3A%20removing%20barriers%20in%20the%20way%20of%20science;1 HTTP 302
- http://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//sci-hub.cc/;hSci-Hub%3A%20removing%20barriers%20in%20the%20way%20of%20science;1
- http://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D16%26e%3D%24%7BUSER_ID%7D%26c%3Dds%3A16.up%3A%24%7BUSER_ID%7D.rs%3A1086.pc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D HTTP 302
- http://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D16%26e%3D%24%7BUSER_ID%7D%26c%3Dds%3A16.up%3A%24%7BUSER_ID%7D.rs%3A1086.pc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D&cc=1 HTTP 302
- https://dmg.digitaltarget.ru/1/2016/i/i?a=16&e=CMtbx3M+_UScanAiOA6p6V&c=ds:16.up:CMtbx3M+_UScanAiOA6p6V.rs:1086.pc:&i=5aebdd8 HTTP 302
- https://dmg.digitaltarget.ru/1/2016/i/i?a=16&e=CMtbx3M+_UScanAiOA6p6V&c=ds:16.up:CMtbx3M+_UScanAiOA6p6V.rs:1086.pc:&i=5aebdd8&q=scc
- http://sync.omnidsp.com/match?src=amberdata HTTP 302
- https://dmg.digitaltarget.ru/1/6329/i/i?a=626&e=33f48e5c-af7b-472f-a1ca-fe17fc52adb0&i=1509124548411 HTTP 302
- https://dmg.digitaltarget.ru/1/6329/i/i?a=626&e=33f48e5c-af7b-472f-a1ca-fe17fc52adb0&i=1509124548411&q=scc
- http://dmg.digitaltarget.ru/1/1086/i/i?i=591104093616565.21785270226361&a=86&e=5EFC831FBF69F3599E4835220270E9A8&c=ss:86.up:5EFC831FBF69F3599E4835220270E9A8.sync:up.dn:sci_hub__cc.tg:.cr: HTTP 302
- http://dmg.digitaltarget.ru/1/1086/i/i?i=591104093616565.21785270226361&a=86&e=5EFC831FBF69F3599E4835220270E9A8&c=ss:86.up:5EFC831FBF69F3599E4835220270E9A8.sync:up.dn:sci_hub__cc.tg:.cr:&q=scc HTTP 302
- https://amberdata-sync.rutarget.ru/sync HTTP 302
- https://dmg.digitaltarget.ru/1/175/i/i?a=175&e=RkGv5b4d-aiy HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm&c=rs:175&i=374801001507579149734000000031653178 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&c=rs:175&i=374801001507579149734000000031653178&google_tc= HTTP 302
- https://dmg.digitaltarget.ru/1/1155/v/x?a=155&e=CAESEFYXs5O3V8oyntiGmQXvBbE&c=rs:175&i=374801001507579149734000000031653178&google_cver=1 HTTP 302
- https://ps.eyeota.net/pixel?pid=0rij2bu&t=gif&uid=bx3uYuRM_Rl85555jBDv HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=0rij2bu&t=gif&uid=bx3uYuRM_Rl85555jBDv HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1 HTTP 302
- https://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEBF6sI_CDZepjbrY8C3sCLg&google_cver=1
- http://front.facetz.net/collect?source=pluso&id=&previous_url=&site=sci-hub.cc&page_title=Sci-Hub%3A%20removing%20barriers%20in%20the%20way%20of%20science&rn=0.2325564312936279&pixel_id=176&session=ejg8sf9zy HTTP 302
- http://front.facetz.net/collect?sync_redirect=dmp_dbmgoogle&rndx=1509124550726 HTTP 302
- http://cm.g.doubleclick.net/pixel?google_nid=facetz_ddp&google_cm&google_hm=GItJr-_RQZqUFdrHGQAKbw&rndx=1509124550742 HTTP 302
- http://front.facetz.net/collect?source=dbm&id=CAESEI5Jr6iSf3ZHrv7a9gZXuQk&google_gid=CAESEI5Jr6iSf3ZHrv7a9gZXuQk&google_cver=1&rndx=1509124550742
- http://openstat.net/sync/p.gif?rn=0.013152136260198066 HTTP 302
- http://front.facetz.net/collect?id=280764229444&source=openstat&rn=0.013152136260198066 HTTP 302
- http://front.facetz.net/collect?sync_redirect=dmp_dbmgoogle&rndx=1509124551000 HTTP 302
- http://cm.g.doubleclick.net/pixel?google_nid=facetz_ddp&google_cm&google_hm=GItJr-_RQZqUFdrHGQAKbw&rndx=1509124551015 HTTP 302
- http://front.facetz.net/collect?source=dbm&id=CAESEI5Jr6iSf3ZHrv7a9gZXuQk&google_gid=CAESEI5Jr6iSf3ZHrv7a9gZXuQk&google_cver=1&rndx=1509124551015
46 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
sci-hub.cc/ |
26 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.1.1.min.js
code.jquery.com/ |
85 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ |
248 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
openapi.js
userapi.com/js/api/ Redirect Chain
|
87 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
medal.png
sci-hub.cc/misc/img/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
key_1.png
sci-hub.cc/misc/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top-back.jpg
sci-hub.cc/misc/img/ |
184 KB 184 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_en.png
sci-hub.cc/misc/img/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
raven_1.png
sci-hub.cc/misc/img/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AvenirLTW01-55Roman.woff2
sci-hub.cc/misc/fonts/ |
16 KB 16 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
map.jpg
sci-hub.cc/misc/img/ |
54 KB 54 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
about-marker_en.png
sci-hub.cc/misc/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quote.png
sci-hub.cc/misc/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quotenext_en.png
sci-hub.cc/misc/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pone.png
sci-hub.cc/misc/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ptwo.png
sci-hub.cc/misc/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pthree.png
sci-hub.cc/misc/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
people.jpg
sci-hub.cc/misc/img/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
join_en.png
sci-hub.cc/misc/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
joinvk.png
sci-hub.cc/misc/img/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jointwitter.png
sci-hub.cc/misc/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
joinfacebook.png
sci-hub.cc/misc/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watch.js
mc.yandex.ru/metrika/ |
86 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
pluso-like.js
share.pluso.ru/ |
42 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
1
mc.yandex.ru/watch/10183018/ Redirect Chain
|
0 0 |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
process
share.pluso.ru/ |
114 B 112 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
process
share.pluso.ru/ |
114 B 112 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
hit;PLUSO
counter.yadro.ru/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
06.png
share.pluso.ru/img/pluso-like/square/medium/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plus.png
share.pluso.ru/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
kb.js
kitbit.net/ |
960 B 972 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/10183018/ |
116 B 116 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
collect_pluso.js
front.facetz.net/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
crossd_pluso_iframe.html
front.facetz.net/ Frame 9778 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adcm.js
tag.digitaltarget.ru/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.js
kitbit.net/ |
1 B 11 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
h.gif
kitbit.net/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
processor.js
tag.digitaltarget.ru/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
extension_1086.js
tag.digitaltarget.ru/extensions/ |
331 B 331 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
i
dmg.digitaltarget.ru/1/2016/i/ Redirect Chain
|
0 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
i
dmg.digitaltarget.ru/1/6329/i/ Redirect Chain
|
0 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 70 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
collect
front.facetz.net/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
profile-eu.exe.bid/sandbox/ Frame 9778 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
collect
front.facetz.net/ Redirect Chain
|
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- front.facetz.net
- URL
- http://front.facetz.net/crossd_pluso_iframe.html
- Domain
- profile-eu.exe.bid
- URL
- http://profile-eu.exe.bid/sandbox/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sci-Hub (Consumer)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sci-hub.cc/ | Name: _ym_uid Value: 1509124548793730890 |
|
.sci-hub.cc/ | Name: session Value: 9b2300bb78f5899c6748545cbc41b4cd |
|
.sci-hub.cc/ | Name: refresh Value: 1509124546.3314 |
|
.sci-hub.cc/ | Name: __cfduid Value: d2da7f69d87a77cd69a287f90f2278d241509124546 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amberdata-sync.rutarget.ru
cm.g.doubleclick.net
cm.p.altergeo.ru
code.jquery.com
counter.yadro.ru
dmg.digitaltarget.ru
front.facetz.net
kitbit.net
mc.yandex.ru
openstat.net
profile-eu.exe.bid
ps.eyeota.net
sci-hub.cc
share.pluso.ru
sync.omnidsp.com
tag.digitaltarget.ru
userapi.com
front.facetz.net
profile-eu.exe.bid
136.243.131.40
138.201.8.33
148.251.76.230
172.217.22.66
185.15.175.131
185.15.175.133
185.15.175.135
188.42.131.52
198.232.125.113
23.111.31.228
2400:cb00:2048:1::6812:3b3f
2a02:6b8::1:119
31.131.252.90
31.131.252.91
31.131.252.94
35.157.112.200
88.212.201.194
88.212.246.68
95.213.4.234
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
183734392a74cfbafc30a75df078b4579cbdb14cbefec6abc5bdd83135781ac0
1f39cb0417a605765b2274e81efb103ad493b8d307cc339186c1e94f403d70e6
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
268fdbbca58699934996df44e43c4b3a83570607171d9aae1284c872130b4e8e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3628b208eb8cf645990eb7fe4ae813ec72defca7e2997a979ad01b95b1834efc
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
64a8f30b75725f9fb6169c28dcbd554ff52a72e11d0fd60f3dd6808722c43b63
781bbaed6bfd434b92382432bab412ba30c7a512b568f23251d9fe9e054ccbd3
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7aa2966e12a02457a517a11d474a6772907eb8e11d35be21a984f71c4576c598
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
8327900ad233a768b5b08d39bf05eeb1e8c85df3a7dadf446cb2bcc3b1d6063e
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8cc3462bbd85a8ba8adae9cd443a3a66f8195bcc7efd3edb547ba841310edaa9
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
9a8b7580d35086ad42f60b0322135d864e8cbd177e1bedd2be4edc776cc6264b
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c745b43f7ad54bdfa3b2e6ce8c9161e7fd807bdbbf12b8350bdcdc5e822a1a47
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91aaa54e321eaade9128c7e1b478e2aaec9ce3103fef905a70472aa84549227
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28