urlscan.io logo urlscan.io
SecurityTrails logo

ww.sci-hub.ee Open in urlscan Pro
2606:4700:3032::6815:a85  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://ww.sci-hub.ee/
Submission: On February 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3032::6815:a85, located in United States and belongs to CLOUDFLARENET, US. The main domain is ww.sci-hub.ee.
TLS certificate: Issued by E1 on February 22nd 2023. Valid for: 3 months.
This is the only time ww.sci-hub.ee was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

1    2606:4700:3032::6815:a85 (United States)

ASN13335 (CLOUDFLARENET, US)
ww.sci-hub.ee
21    2606:4700:3034::6815:9e6 (United States)

ASN13335 (CLOUDFLARENET, US)
img.sci-hub.shop
7    2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2607:f8b0:4006:80a::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:81e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2607:f8b0:4006:806::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
3    2607:f8b0:4006:81c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:824::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 sci-hub.shop
img.sci-hub.shop — Cisco Umbrella Rank: 374221
584 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
206 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
5 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 10211
1 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 863
599 B
1 sci-hub.ee
ww.sci-hub.ee
7 KB
0 kitbit.net Failed
kitbit.net Failed
0 pluso.ru Failed
share.pluso.ru Failed
45 9
Domain Requested by
21 img.sci-hub.shop ww.sci-hub.ee
7 pagead2.googlesyndication.com ww.sci-hub.ee
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 counter.yadro.ru 1 redirects
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ww.sci-hub.ee
0 kitbit.net Failed img.sci-hub.shop
0 share.pluso.ru Failed img.sci-hub.shop
45 11

This site contains links to these domains. Also see Links.

Domain
sci-hub.ee
pluso.ru
vk.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
ww.sci-hub.ee
E1		 2023-02-22 -
2023-05-23		 3 months crt.sh
sci-hub.shop
Cloudflare Inc ECC CA-3		 2022-05-23 -
2023-05-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://ww.sci-hub.ee/
Frame ID: 752E6DB547F24237086D6C5981E4DE1D
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/zrt_lookup.html
Frame ID: 085A02AB33B1F60FE6F85761A4A03847
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677084431&rafmt=1&format=528x280&url=https%3A%2F%2Fww.sci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677084430635&bpp=21&bdt=2527&idt=643&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=6571239882034&frm=20&pv=2&ga_vid=491173457.1677084431&ga_sid=1677084431&ga_hid=1156408593&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=845831864415732&tmod=1364875988&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=hTdh8j8klq&p=https%3A//ww.sci-hub.ee&dtd=712
Frame ID: 43B781CF88E2E388D8870C08D4A39B26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&adk=1812271804&adf=3025194257&lmt=1677084431&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fww.sci-hub.ee%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677084430719&bpp=4&bdt=2610&idt=664&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=528x280&nras=1&correlator=6571239882034&frm=20&pv=1&ga_vid=491173457.1677084431&ga_sid=1677084431&ga_hid=1156408593&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=845831864415732&tmod=1364875988&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=722
Frame ID: 78068B54FB490EB2A0EBB3DB7C4C8C46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73384B2A0809F2221DC02AA0542A5135
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3019DD0594C2661C4C5CE3D1D0C9A28
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sci-hub proxy search links

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

45
Requests

84 %
HTTPS

89 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

804 kB
Transfer

1536 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//ww.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//ww.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ww.sci-hub.ee/ 		27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww.sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b159fa8e90945bc80cd1c0757eef0c2ff67540dda47318beff5be8b70df10642

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=43200 no-cache
cf-cache-status
DYNAMIC
cf-ray
79d933a64b2231f8-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 16:47:08 GMT
expires
Thu, 23 Feb 2023 04:47:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSyz88Q7ivj%2Bd%2FFZtFNlf4ImoLHs7H2OkXrZ5F5AgQgUMRllKDxm2xbn96P1dsLvhhvjtm3ngm7FvpuU4JnSqBCvHreT0%2Fiu1uf%2FQLfPfHdydNoF9WkQe1bEARTYycTzqGb7aYnrBwD%2F1MdQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-cache
MISS MISS
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2273696
etag
W/"5c00bb7c-152b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ3sc7%2BuO7ak%2BsCdotzWpux45m4IB6DcZQEc5mSyFPhRkFCYN4SuBP5nXObB6p6hDcocFnC%2BAjkF95PPZfbmNBccfg61DVtFX9OKQPZVky9HZzrVLQyab9MU%2BcGoqv6oEFwiBk8cTFwEgNh6rnIX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
79d933b23e9309fa-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 27 Jan 2023 21:12:13 GMT
jquery-ui.min.js
img.sci-hub.shop/scihub/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Dec 2018 08:14:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2273696
etag
W/"5c13665c-3dee4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jE0PlqYbHx3avks2XrIJq0S8TUphk3giPLxMKCFHsRhzVSBRjc3gnFKmDnnGMyVwaWZL2XZcnp8cpkJKfLlNKgdXFJPAxVDGZmpOrBnZdvUImiCtxnpJ8NTSTv%2BYopgyMfLxttHUaYnje4xlfOu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
79d933b23e9509fa-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 27 Jan 2023 21:12:13 GMT
openapi.js
img.sci-hub.shop/scihub/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/openapi.js
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
103380
etag
W/"5c00bb8c-1798d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzOoEB8TERl6jSNlJPXYpN5FmMzIayaG%2FfMX2kNSG59FX39uJggw%2BS5lOoEwfNT2hQ1tvUJuVMN%2F21f8a%2BwE1EaJew4CBfnkc3jRe39RrdbHZadroQWOe0%2BJc5WUdpC2yq5YtuiY5bzbiN1ymX5x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
79d933b23e9609fa-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 22 Feb 2023 00:04:09 GMT
medal.png
img.sci-hub.shop/scihub/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/medal.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2273741
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22275
last-modified
Fri, 30 Nov 2018 06:13:38 GMT
server
cloudflare
etag
"5c00d512-5703"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yrg9IzEYkB1%2BIlUuZnX%2FIGLdpFtvFmKZsOxxNa4VVgcuN2o%2B9jb9ZHttXCvwRIzcMZcjXOsetU23Fy1GiYCW5kI7QkE3BAq9yrCjZDHCEnr5vjUCsr6JEOQlRF2XXcw80ziefDBHKHZzd70%2FSqBT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b53b0609fa-MIA
expires
Sun, 26 Feb 2023 09:11:28 GMT
key_1.png
img.sci-hub.shop/scihub/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/key_1.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8428
last-modified
Fri, 30 Nov 2018 06:13:40 GMT
server
cloudflare
etag
"5c00d514-20ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zsj9z%2B3wP1kSor%2BoA%2BxL3jeDiiJQ4hyVFGpZar08GNQb84%2FZVYm69e5PUfsF%2Fkamp%2F2OqQ1EiwUaVqQxHIlrnK4w8qtOdXILYbFaZXTmuuLNrRvJ9yoIAx%2FOQdns%2BEpd15PRpxt2Yp%2Bil5E%2BHPk2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b5aa049ae9-MIA
expires
Sun, 26 Feb 2023 07:54:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0f4f20be5f80b974187406ad609077f0a9cb2d7a7294bb03e72c7e49ac0ee1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49335
x-xss-protection
0
server
cafe
etag
14744772371754933481
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 16:47:10 GMT
top-back.jpg
img.sci-hub.shop/scihub/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/top-back.jpg
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2670662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
188646
last-modified
Mon, 16 Sep 2019 12:17:02 GMT
server
cloudflare
etag
"5d7f7d3e-2e0e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5%2FJLnB95WTLFS46dHsCVMKJixfjA9yirNxVL%2BGKiB2lyb7tq86JBNzsJRYIV9qpEpCns0u4gw8pKvmX0E3muVU0wHmBHfQKMejh7WG5DNOaGhq1BteTwZ%2FTAezPHPvp%2FMs3%2BgrUbVo2GhPnFhzr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
79d933b5faa39ae9-MIA
expires
Tue, 21 Feb 2023 18:56:07 GMT
logo_en.png
img.sci-hub.shop/scihub/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/logo_en.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14556
last-modified
Fri, 30 Nov 2018 05:56:38 GMT
server
cloudflare
etag
"5c00d116-38dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuiD6MhnlrZUTBBLH6LjJ27nSGaU7TDMRwZJGnm2lIgz8x4yH%2BT1wVQikf72WU3FlFdZBtA7H3zfl7Li84q6YEZKqlp3pakasd3cfVyA3coP4q5aWMQ%2B83vPLGN%2FItcExmx4FzlgnF4KODUr1Iv7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b64b319ae9-MIA
expires
Sun, 26 Feb 2023 07:58:15 GMT
raven_1.png
img.sci-hub.shop/scihub/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/raven_1.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2372818
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60144
last-modified
Fri, 30 Nov 2018 05:56:32 GMT
server
cloudflare
etag
"5c00d110-eaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Red0n%2B42r%2Bq36Cy5AjhFPNwwUk1n6%2BoporwpXSCjyzCRorTVMJXBY189HqYCwvHJv0O0Swr2Cenxic%2Fa%2FfG7Qn0mH4sMg6mUHcML3PcRR1F05DESftSbkxq0uBXk22QerenZ4S%2BPkJ6udY3txJMC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b64b359ae9-MIA
expires
Sat, 25 Feb 2023 05:40:11 GMT
map.jpg
img.sci-hub.shop/scihub/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/map.jpg
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2370875
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55605
last-modified
Fri, 30 Nov 2018 05:56:52 GMT
server
cloudflare
etag
"5c00d124-d935"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rcztqnGUbE0gY71tBFjtFmpa4OtF%2BPjuFIfNcSNvpmGIsp6ULg1WHoE54hfw1NVc2Y0v8hm%2Bk2Jftc7AYjdyjHahGNGFbetabbDzCkmIB2bpz0nMRC0R5PXYRjbmGP5KLe5J5NJyQnBNt%2BU%2FK8e"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b64b369ae9-MIA
expires
Sat, 25 Feb 2023 06:12:34 GMT
about-marker_en.png
img.sci-hub.shop/scihub/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2371938
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3361
last-modified
Fri, 30 Nov 2018 05:57:02 GMT
server
cloudflare
etag
"5c00d12e-d21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUn7B4ysOZMID3vwKpPPJXIVTzIjYBkDwW7VjgUdIwlByDCH7HNnzyDw5Ok4zV2fVbCJm9vFHTPoXa9a95c05kaGTO%2BcfxklB4mowC7dmBPU36N%2F5K4fxXUPb1Mefy27pyIDtLz5%2BKOP0HCzQWyc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b64b379ae9-MIA
expires
Sat, 25 Feb 2023 05:54:51 GMT
quote.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quote.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2371938
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1068
last-modified
Fri, 30 Nov 2018 05:57:12 GMT
server
cloudflare
etag
"5c00d138-42c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksGF0ABdRmYpeojTBmx4DJr7GJdG1%2BlAD2O3mnxfUpMjQU82TyrWSGTEzbUNTTvsJFDuJu3NMQvtp7%2BvawqJxKvZqSh1E1ZRuOBd3KK4vrY5iAInRN5Vci%2FXHt%2BhuNrByadnyFMaEHN0WAy%2B4UPI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b64b389ae9-MIA
expires
Sat, 25 Feb 2023 05:54:51 GMT
quotenext_en.png
img.sci-hub.shop/scihub/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2670596
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1087
last-modified
Fri, 30 Nov 2018 05:57:18 GMT
server
cloudflare
etag
"5c00d13e-43f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g6MrFs8ZEjycMD022n5ceISgmU4GgB%2F1QJyWVPnNTn8y7d6sQu0MyHCRZ0vBaWp64AvPnUHCnVV84QGT2iS9tNjuh9scFT0%2BttRa9deknDZ28F0sLnPxaZbZT5OUMDuwH7ffOjDoV%2FfFPQoqCg7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
79d933b64b3a9ae9-MIA
expires
Tue, 21 Feb 2023 18:57:13 GMT
pone.png
img.sci-hub.shop/scihub/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pone.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278455
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1637
last-modified
Fri, 30 Nov 2018 05:57:24 GMT
server
cloudflare
etag
"5c00d144-665"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yCyI3e3wmJC5sn7P1Nz4eu0%2B4R3hF29ILRF8%2B4PpDbY4beRcvNXr28lTxGtGhdDpclOjK3JsznJyqGRQwCseiJRqbacQKB2v6uBxnAOaOCcbrhI%2F7yDvGCtQNl4O28nLU4kv2pH8%2FwTDpe58Bkk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b64b3b9ae9-MIA
expires
Sun, 26 Feb 2023 07:52:54 GMT
ptwo.png
img.sci-hub.shop/scihub/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/ptwo.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2372818
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3907
last-modified
Fri, 30 Nov 2018 05:57:30 GMT
server
cloudflare
etag
"5c00d14a-f43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9oMnpcdAPRwo7XKT0wfUEwMc6jkEGpsPORuNoaHPg4bAO%2Fih8cqmvUqqa87djF0MoANpP%2FLbLfSmLVfGRh8YhCnuOmO%2FlccO6hToUwsPNJVZct05WmRC5KWnBRfhrs8IvGIQQY6V1U%2Bj%2FzZa3hr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b65b3f9ae9-MIA
expires
Sat, 25 Feb 2023 05:40:11 GMT
pthree.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/pthree.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2372818
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4278
last-modified
Fri, 30 Nov 2018 05:57:36 GMT
server
cloudflare
etag
"5c00d150-10b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeYQFMMvvcAZxix2jk80AT%2BZZjkQl7wGLzn%2BtQPk17XVdvKzIoX5E3fQgCptZSVUQwH8MLTjQ5GO0eekAr60a88jeJeRAB02LJ%2FbS1LXCJcedbV6F4UK0716O25WEsJIhZsbm4EUNt65eI9%2BeqpT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b66b6f9ae9-MIA
expires
Sat, 25 Feb 2023 05:40:11 GMT
people.jpg
img.sci-hub.shop/scihub/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/people.jpg
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278452
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51212
last-modified
Fri, 30 Nov 2018 05:57:56 GMT
server
cloudflare
etag
"5c00d164-c80c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgAF1hXaoyAAp%2BiN4zKFs50lmhhhDbmo0EqhhcD4PP0UbuumtUmz%2B4S%2BynB9SGsqIXwAOpUBqkbUc0btA4U30rPQmRQx1k04j%2FCWuo9%2BDEPH4ajt7bazSfzVuaLCWEswi4x6TO4bn0oP1mDm4Aqk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b66b739ae9-MIA
expires
Sun, 26 Feb 2023 07:52:57 GMT
join_en.png
img.sci-hub.shop/scihub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/join_en.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278452
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6197
last-modified
Fri, 30 Nov 2018 05:58:24 GMT
server
cloudflare
etag
"5c00d180-1835"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMIqH63UPrOkx%2BDBS%2FiEsvjbvjyYb6LHmQVsx%2BzoA4NzpIr4tW0jhBWEeGrmi5cFSgz15himRMiQ4gG%2Br77xwIyfWRYlRLFGFJSjo5SMBydFrPGvMjBM2bJGwVmLN5xnHSrDVWyjfEsXIv2lZv0B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b66b749ae9-MIA
expires
Sun, 26 Feb 2023 07:52:57 GMT
joinvk.png
img.sci-hub.shop/scihub/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinvk.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17834
last-modified
Fri, 30 Nov 2018 05:58:30 GMT
server
cloudflare
etag
"5c00d186-45aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoOREh%2FqAWzbZzK74qrKIbJAlNe1CU2qSW47GufX8Becd5%2BSOYd%2BrcnIne113A3RxBxhyTHLaNt1BBaIeegSK32GoWpVClqJfv2IbfviL6gqtdK87JvLVv1FMbFvgNT3Ul3VTl3HS013nrSV46CI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b66b769ae9-MIA
expires
Sun, 26 Feb 2023 07:52:58 GMT
jointwitter.png
img.sci-hub.shop/scihub/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/jointwitter.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5751
last-modified
Fri, 30 Nov 2018 05:58:42 GMT
server
cloudflare
etag
"5c00d192-1677"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9saTi5tMAcLYkQA9qNOTJMuhyM40QXeW0iopNdTupus6aHDw8LcU1p3P474oj7727fCoZFQ615n66TAnnI758sESr%2BBZvYGlLLg37eBQi0BJ4tSfLycjWUQvJ1pvVWSkWvWAr31XIx5Sp2WEQHU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b66b789ae9-MIA
expires
Sun, 26 Feb 2023 07:52:58 GMT
joinfacebook.png
img.sci-hub.shop/scihub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2278451
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4152
last-modified
Fri, 30 Nov 2018 05:58:36 GMT
server
cloudflare
etag
"5c00d18c-1038"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPNeObqxibg5HBmTzCU1iIXJTlS46WwSWOy%2BgZON8nSkMocTnonL7kki05fQBu8c0yoiCVN1wC1WslGVObZhGEJzr8D46JSJ1%2Bi2eeGxwN%2B9mcNlrz2MbS1ttqirT7kvmqnvzyj5XGpUWHTsRKSR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
79d933b66b7b9ae9-MIA
expires
Sun, 26 Feb 2023 07:52:58 GMT
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 		0
0
pluso-like.js
img.sci-hub.shop/scihub/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sci-hub.shop/scihub/pluso-like.js
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:9e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Nov 2018 04:39:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2371939
etag
W/"5c00bef8-a5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RveMoBrq%2BiOwRnWTjyZrrgY9sVLqRo%2FTx13s7yJFnO6BJ8KlIry%2BVcAk%2Fu30l18vOWLccMyiJpR8a3UcZFd9TjigLsCmX6vfgkTvYi8VpgfiaVeqddW8YX66uoKi%2BU1xYgM9l2NFANRKcUul9R9G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
79d933ba4b419ae9-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 26 Jan 2023 17:54:51 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 		365 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9813f41392bb1a915bb2652ee5ee7429b02e4ed0eda42a972ce9555c6b6b384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122918
x-xss-protection
0
server
cafe
etag
17521228540946450909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 16:47:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/ Frame 085A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230216/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ww.sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
36
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 16:46:35 GMT
etag
10353107486223812946
expires
Wed, 08 Mar 2023 16:46:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		387 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ww.sci-hub.ee&callback=_gfp_s_&client=ca-pub-5451336487934366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f80c34e0d1c97aa4b3050a619dfa1a821fac6bc24aa2b6de6336cc905287ce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ww.sci-hub.ee
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 43B7 		430 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1677084431&rafmt=1&format=528x280&url=https%3A%2F%2Fww.sci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677084430635&bpp=21&bdt=2527&idt=643&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=6571239882034&frm=20&pv=2&ga_vid=491173457.1677084431&ga_sid=1677084431&ga_hid=1156408593&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=845831864415732&tmod=1364875988&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=hTdh8j8klq&p=https%3A//ww.sci-hub.ee&dtd=712
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44cdf37ff3cd160315179c1b66386357fc1dab6c94326f2286d18fab9874c8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ww.sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 16:47:11 GMT
expires
Wed, 22 Feb 2023 16:47:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: ww.sci-hub.ee
URL: https://ww.sci-hub.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 16:47:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7806 		0
142 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&adk=1812271804&adf=3025194257&lmt=1677084431&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fww.sci-hub.ee%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677084430719&bpp=4&bdt=2610&idt=664&shv=r20230216&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=528x280&nras=1&correlator=6571239882034&frm=20&pv=1&ga_vid=491173457.1677084431&ga_sid=1677084431&ga_hid=1156408593&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=845831864415732&tmod=1364875988&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=722
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ww.sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 16:47:11 GMT
expires
Wed, 22 Feb 2023 16:47:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
process
share.pluso.ru/ 		0
0
process
share.pluso.ru/ 		0
0
hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//ww.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//ww.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//ww.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 16:47:12 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Mon, 21 Feb 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 16:47:12 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//ww.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Mon, 21 Feb 2022 21:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230216&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff34f8b4222901cfcd77316fdb41a347d4976e12996eed72461c9c32dc2486b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11272
x-xss-protection
0
06.png
share.pluso.ru/img/pluso-like/square/medium/ 		0
0
plus.png
share.pluso.ru/img/ 		0
0
kb.js
kitbit.net/ 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 16:47:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7338 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ww.sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
11149
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 13:41:23 GMT
expires
Thu, 22 Feb 2024 13:41:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A301 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
768b2610b8a28bebb9ee9385ebf7d20b9bb416879e07b17cd730fa9c63fa9576
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rvZHZsyXQa-oAVj-lcQc6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ww.sci-hub.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-rvZHZsyXQa-oAVj-lcQc6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 16:47:13 GMT
expires
Wed, 22 Feb 2023 16:47:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 7338 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 14:12:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
527664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Feb 2024 14:12:49 GMT
generate_204
tpc.googlesyndication.com/ Frame 7338 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PGKxlQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 16:47:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A301 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230216&jk=845831864415732&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230216&jk=845831864415732&bg=!AwClAFTNAAZYlHKzeJQ7ADkAdvg8WrmA3PXnKH4A6-T_By1l3pkMX5ULGB0cDFLaki8Y5xo7SrrARaVsV60gEs1kD95kcCG6eqECAAABylIAAAAEaAEHCgCFlQcGgSFhKIcD2uHGvLmW6_Q3YEfZnHCnbKK13VX2i8nhJyRPM6vwRYSed0sD_KzXs75iCHzpGrW8qgGWWfjsa4_Jjusqq1r-qmoAAZaPuHIronKVOXVI5KnadkBEfsx0fieSquTHwAYT9La3ymJ3vKOwjDL4aGg4Bctu0j8efiXc190LbZkCqM5MxUuR9G1Gilun3GdtWp19FAmRMKKD3nbEi6iYaXYs8BVHh-1GOkzKL-dToCuTFHGI-nDbYvPAKW2ha05ZYHEM6VBk2uQe8NFPbXbX0tu8NGvYUeKkX-uHmhPHP2awKtZEEwPCLKlR7Lok8XW-iF9AhGdsAO8Xc6DM9NttXh7bUAxHUmOfIZqhSVzLwnDou7eBAVUuZ1xzzhY3_OXeODMTJZfLt-4QIlwiMdhxIQNCy92kebbSa5xRkobIgFW-4_P3NgBGrY1hN2VWcq0uYlWoPwHT5a9wROeGLtP9vGMmBHWrokyB98s-i4czYM71wsq73_3YgCX1BLxICcfomh0sgIbheJZ8ZQOdU6JeegvEaEGBAWrGqwaK5TcFjqBMmx3ZgQCGjqjx_rokxrBeR3afvnbLx2kc9z5J3vdlg796ZTWzUYKyN5khGxamk9laoWFGhDlA-Yq9nxcCMHmXSjhdREOxxMbk9nXkAD_ZwUk_ejftT9ekvB6feDBsgv2T2dXbwtgIZF70vlALslFwmnDVNEi-vIL7-CEIV1Z0-8I7hVCRATVCboLJO7WzejZavkJeLkORJXiABgA-NrBmINLSoOO1EtPj1nfgPey3vDK8uqemLI0e4y_RQhjEPHM3xxTxKkQkHBdZfU-Hq4v-8Bycrg9wy2eou1ytx8sodnkX7gJMYrwC2jhYeT1dYASF46fvi0EgCHKE6MZmKbsV6cGGAPwaF6JydmDVYYbKyTsWMdfKGtnUpGgGVXxvwJ2r7b5E1xDFLTc_Ebu-rdVwIpAauAwTGG4FsYCh_HFI_R6PpcILZV20YAsefPhnDrvEM8MiNwFo-Od7_5TuNolCyAr-ONBzGZjQ8PFOd7QdBsXwogrn_npJ-DuUlDZL9B0cxAbyLvvoIFKD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ww.sci-hub.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sci-hub.shop
URL
https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=tiacbZbQqxd9tuoL&first=1
Domain
share.pluso.ru
URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=2dc6211UM10SpiNG
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/pluso-like/square/medium/06.png
Domain
share.pluso.ru
URL
https://share.pluso.ru/img/plus.png
Domain
kitbit.net
URL
https://kitbit.net/kb.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go object| adsbygoogle number| ifpluso object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| pluso string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| k string| pt object| s object| GoogleGcLKhOms

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.sci-hub.ee/ Name: __gads
Value: ID=1d4d1ac00ce3da1a-2295ceb1addc000d:T=1677084431:RT=1677084431:S=ALNI_MZ01gbzmeF1Ol-lo7q6ntljfQlh1g
.sci-hub.ee/ Name: __gpi
Value: UID=000009ba21a08b62:T=1677084431:RT=1677084431:S=ALNI_MYAPef87Hk7bCiWZlYi4id09pSMcg
.yadro.ru/ Name: FTID
Value: 1ZzaSG0zyIuV1ZzaSG003U_Y
.yadro.ru/ Name: VID
Value: 18a98d1Uyk8V1ZzaSG003V23

2 Console Messages

Source Level URL
Text
javascript error URL: https://ww.sci-hub.ee/
Message:
Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://ww.sci-hub.ee' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
counter.yadro.ru
googleads.g.doubleclick.net
img.sci-hub.shop
kitbit.net
pagead2.googlesyndication.com
partner.googleadservices.com
share.pluso.ru
tpc.googlesyndication.com
ww.sci-hub.ee
www.google.com
img.sci-hub.shop
kitbit.net
share.pluso.ru
2606:4700:3032::6815:a85
2606:4700:3034::6815:9e6
2607:f8b0:4006:806::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:824::2004
88.212.202.52
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f80c34e0d1c97aa4b3050a619dfa1a821fac6bc24aa2b6de6336cc905287ce6
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
44cdf37ff3cd160315179c1b66386357fc1dab6c94326f2286d18fab9874c8fe
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
768b2610b8a28bebb9ee9385ebf7d20b9bb416879e07b17cd730fa9c63fa9576
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b159fa8e90945bc80cd1c0757eef0c2ff67540dda47318beff5be8b70df10642
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
c9813f41392bb1a915bb2652ee5ee7429b02e4ed0eda42a972ce9555c6b6b384
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0f4f20be5f80b974187406ad609077f0a9cb2d7a7294bb03e72c7e49ac0ee1e
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28
ff34f8b4222901cfcd77316fdb41a347d4976e12996eed72461c9c32dc2486b8