sci-hub.hkvisa.net
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
URL:
https://sci-hub.hkvisa.net/
Submission: On November 25 via manual from SG — Scanned from NL
Submission: On November 25 via manual from SG — Scanned from NL
Summary
This website contacted 29 IPs
in 6 countries
across 25 domains to perform 113 HTTP transactions.
The main IP is 2a06:98c1:3120::3, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is sci-hub.hkvisa.net.
The Cisco Umbrella rank of the primary domain is 409439.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 11th 2022. Valid for: a year.
This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 11th 2022. Valid for: a year.
This is the only time sci-hub.hkvisa.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sci-Hub (Consumer)Domain & IP information
12
2a00:1450:4001:806::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
18
2a00:1450:4001:80e::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net | |
| adservice.google.nl |
1
2a00:1450:4001:811::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| partner.googleadservices.com |
15
2a00:1450:4001:80f::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
3
2a00:1450:4001:830::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
2
172.217.18.3
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net
| p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com |
1
3.74.33.199
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-33-199.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-33-199.eu-central-1.compute.amazonaws.com
| d.agkn.com |
5
142.250.186.34
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
| cm.g.doubleclick.net |
1
35.227.252.103
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
| rtb.openx.net |
1
69.173.144.139
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
1
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
(London, United Kingdom)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| ag.innovid.com |
1
142.250.185.178
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f18.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f18.1e100.net
| p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i1-v6exp3.v4.metric.gstatic.com |
1
2a00:1450:4001:80b::2012
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i2-v6exp3.ds.metric.gstatic.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147 |
478 KB |
| 21 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 |
89 KB |
| 21 |
sci-hub.shop
img.sci-hub.shop — Cisco Umbrella Rank: 349847 |
584 KB |
| 9 |
criteo.net
static.criteo.net — Cisco Umbrella Rank: 601 pix.eu.criteo.net — Cisco Umbrella Rank: 6719 csm.eu.criteo.net — Cisco Umbrella Rank: 6774 |
80 KB |
| 7 |
google.com
2 redirects
adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2 |
2 KB |
| 6 |
gstatic.com
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i1-v6exp3.v4.metric.gstatic.com p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i2-v6exp3.ds.metric.gstatic.com |
58 KB |
| 3 |
criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12553 ads.eu.criteo.com — Cisco Umbrella Rank: 6648 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8310 |
43 KB |
| 3 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178 |
142 KB |
| 3 |
google.nl
adservice.google.nl — Cisco Umbrella Rank: 12420 |
1 KB |
| 2 |
yadro.ru
1 redirects
counter.yadro.ru — Cisco Umbrella Rank: 8545 |
1 KB |
| 2 |
melia.com
1 redirects
mm.melia.com — Cisco Umbrella Rank: 32119 mml1.melia.com — Cisco Umbrella Rank: 16451 |
2 KB |
| 2 |
casalemedia.com
2 redirects
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450 |
2 KB |
| 2 |
pubmatic.com
2 redirects
image6.pubmatic.com — Cisco Umbrella Rank: 681 |
1 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52 |
1 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 |
5 KB |
| 1 |
adform.net
1 redirects
a1.adform.net — Cisco Umbrella Rank: 8094 |
515 B |
| 1 |
innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1473 |
297 B |
| 1 |
rubiconproject.com
1 redirects
pixel.rubiconproject.com — Cisco Umbrella Rank: 314 |
460 B |
| 1 |
openx.net
rtb.openx.net — Cisco Umbrella Rank: 1486 |
351 B |
| 1 |
agkn.com
1 redirects
d.agkn.com — Cisco Umbrella Rank: 587 |
766 B |
| 1 |
quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 649 |
464 B |
| 1 |
googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860 |
694 B |
| 1 |
hkvisa.net
sci-hub.hkvisa.net — Cisco Umbrella Rank: 409439 |
7 KB |
| 0 |
kitbit.net
Failed
kitbit.net Failed |
|
| 0 |
pluso.ru
Failed
share.pluso.ru Failed |
|
| 113 | 25 |
| Domain | Requested by | |
|---|---|---|
| 21 | img.sci-hub.shop |
sci-hub.hkvisa.net
|
| 16 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
googleads.g.doubleclick.net |
| 15 | tpc.googlesyndication.com |
googleads.g.doubleclick.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
| 12 | pagead2.googlesyndication.com |
sci-hub.hkvisa.net
pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com |
| 6 | static.criteo.net |
ads.eu.criteo.com
|
| 5 | cm.g.doubleclick.net |
googleads.g.doubleclick.net
|
| 4 | www.google.com |
2 redirects
googleads.g.doubleclick.net
tpc.googlesyndication.com |
| 3 | www.googletagservices.com |
googleads.g.doubleclick.net
|
| 3 | adservice.google.com |
pagead2.googlesyndication.com
|
| 3 | adservice.google.nl |
pagead2.googlesyndication.com
|
| 2 | counter.yadro.ru | 1 redirects |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | pix.eu.criteo.net |
ads.eu.criteo.com
|
| 2 | ssum-sec.casalemedia.com | 2 redirects |
| 2 | image6.pubmatic.com | 2 redirects |
| 2 | p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com |
googleads.g.doubleclick.net
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com |
| 1 | p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i2-v6exp3.ds.metric.gstatic.com | |
| 1 | p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i1-v6exp3.v4.metric.gstatic.com | |
| 1 | fonts.googleapis.com |
cdnjs.cloudflare.com
|
| 1 | csm.eu.criteo.net |
ads.eu.criteo.com
|
| 1 | cdnjs.cloudflare.com |
ads.eu.criteo.com
|
| 1 | mml1.melia.com |
ads.eu.criteo.com
|
| 1 | mm.melia.com | 1 redirects |
| 1 | a1.adform.net | 1 redirects |
| 1 | cat.fr.eu.criteo.com |
ads.eu.criteo.com
|
| 1 | ag.innovid.com |
googleads.g.doubleclick.net
|
| 1 | pixel.rubiconproject.com | 1 redirects |
| 1 | rtb.openx.net |
googleads.g.doubleclick.net
|
| 1 | d.agkn.com | 1 redirects |
| 1 | cms.quantserve.com |
googleads.g.doubleclick.net
|
| 1 | ads.eu.criteo.com |
googleads.g.doubleclick.net
|
| 1 | rtb.fr.eu.criteo.com |
googleads.g.doubleclick.net
|
| 1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
| 1 | sci-hub.hkvisa.net | |
| 0 | kitbit.net Failed |
img.sci-hub.shop
|
| 0 | share.pluso.ru Failed |
img.sci-hub.shop
|
| 113 | 36 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| pluso.ru |
| vk.com |
| twitter.com |
| www.facebook.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| hkvisa.net Cloudflare Inc ECC CA-3 |
2022-03-11 - 2023-03-10 |
a year | crt.sh |
| sci-hub.shop Cloudflare Inc ECC CA-3 |
2022-05-23 - 2023-05-23 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.google.nl GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-27 - 2022-12-29 |
3 months | crt.sh |
| *.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-10-14 - 2023-01-13 |
3 months | crt.sh |
| *.quantserve.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-09 - 2023-09-09 |
a year | crt.sh |
| *.openx.net GeoTrust RSA CA 2018 |
2022-07-21 - 2023-08-21 |
a year | crt.sh |
| *.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2022-03-15 - 2023-04-15 |
a year | crt.sh |
| *.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-11-08 - 2023-02-04 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
| *.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-11-01 - 2023-02-04 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.v4.metric.gstatic.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.ds.metric.gstatic.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
This page contains 20 frames:
Primary Page:
https://sci-hub.hkvisa.net/
Frame ID: A50E58E13EEEF1237336D695E5FF1304
Requests: 43 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 1AAC7A4EB459CA95045A43581294659E
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=90&slotname=4859960692&adk=1980608376&adf=2653041513&pi=t.ma~as.4859960692&w=970&lmt=1669346331&format=970x90&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346331447&bpp=4&bdt=446&idt=181&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=8293296417033&frm=20&pv=2&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=63w7cKb4OA&p=https%3A//sci-hub.hkvisa.net&dtd=198
Frame ID: 4BB8824EBE156BF006EEBCDCA28DDF9B
Requests: 10 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&slotname=4859960692&adk=4036303272&adf=2987723014&pi=t.ma~as.4859960692&w=1200&fwrn=4&fwrnh=100&lmt=1669346331&rafmt=1&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346331451&bpp=3&bdt=450&idt=201&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=8293296417033&frm=20&pv=1&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mA1JFGTzml&p=https%3A//sci-hub.hkvisa.net&dtd=203
Frame ID: 279801F856E0064CF1C4F786A2A1ED37
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&adk=1812271804&adf=3025194257&lmt=1669346331&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346331466&bpp=2&bdt=465&idt=192&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C1200x280&nras=1&correlator=8293296417033&frm=20&pv=1&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=197
Frame ID: F00134478C8B2203635E7BA0DF24B1A6
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669346332&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346332131&bpp=1&bdt=1130&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De5e7a44c28126fd6-22ae39e98dd70038%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MaVQ_9zivGaLfp3HwZr1NEFmos1mA&gpic=UID%3D00000b86bebd923b%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MY0Quv-pA7XR9IWQn5Qc7xiAhBshA&prev_fmts=970x90%2C1200x280%2C0x0&nras=2&correlator=8293296417033&frm=20&pv=1&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=lFfYG8Km6I&p=https%3A//sci-hub.hkvisa.net&dtd=9
Frame ID: 2206A0393277871F15919530899961BD
Requests: 8 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.28055224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1669346332&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346332131&bpp=1&bdt=1130&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De5e7a44c28126fd6-22ae39e98dd70038%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MaVQ_9zivGaLfp3HwZr1NEFmos1mA&gpic=UID%3D00000b86bebd923b%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MY0Quv-pA7XR9IWQn5Qc7xiAhBshA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280&nras=3&correlator=8293296417033&frm=20&pv=1&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=aqc9iwRnhB&p=https%3A//sci-hub.hkvisa.net&dtd=13
Frame ID: 22762B3EF7D7FD0DFDF9465FF0658A9F
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.3997822654~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669346332&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346332131&bpp=1&bdt=1129&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De5e7a44c28126fd6-22ae39e98dd70038%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MaVQ_9zivGaLfp3HwZr1NEFmos1mA&gpic=UID%3D00000b86bebd923b%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MY0Quv-pA7XR9IWQn5Qc7xiAhBshA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=8293296417033&frm=20&pv=1&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=c1KoHBrjz3&p=https%3A//sci-hub.hkvisa.net&dtd=17
Frame ID: 58D4B60FA556606A8586E46DDC388820
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=2618064310&adf=1440028034&pi=t.aa~a.3235558080~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1669346332&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346332131&bpp=1&bdt=1130&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De5e7a44c28126fd6-22ae39e98dd70038%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MaVQ_9zivGaLfp3HwZr1NEFmos1mA&gpic=UID%3D00000b86bebd923b%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MY0Quv-pA7XR9IWQn5Qc7xiAhBshA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=8293296417033&frm=20&pv=1&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3327&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=FzKsJpfeXM&p=https%3A//sci-hub.hkvisa.net&dtd=21
Frame ID: DDE25834BCDE5E2D2C19A35BC29E69F2
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7FCBA2096D8DE6FB560EA36641827CBA
Requests: 2 HTTP requests in this frame
Frame:
https://p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 88187D5B071E5F625AA59F60A3EC0FFA
Requests: 4 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 127E6FAAE292EA82134B48AF714FA516
Requests: 7 HTTP requests in this frame
Frame:
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4A0HAACjE0Kd6YHAAyphIi7x76hW1MYYQN1Tg&u=%7ChhteHl%2BNf6MFmold1sdcFa%2BxNcS8ytThc6mJKpXzRVM%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkKB1nSffe-6AZ6aiqm9dATUP056DaLLlEIHEDzIr1ksqxaiKjx1qmF0-dt4eQhBdRCuRnX7Q_eVihphNZlIxx03bxOmvSiTg7utmg7zWu-xWrxHYNEd06ESCSCyQU_aZ-bGR-zsyU9LD5Kvh4je1kj2PZ8uu4peIXzpRNXN5Jl1n9asX-LPcjxtLUT13M_m9VWC-0mz2ztBulRlnSh18156NCXDtgh8r6BeG27OmO8K52dI64N3yKYW-BKZIeY7kwdR_Qyu5xawE9iOC9negZ8D1ko-l1gUas7LNMIpZPk5DF1D_cNs8j7ocwRAF7x6IKsSHSb3J2lo79Biqx0jfChJK_jhzDJMZRa6GVfAYtI8W0zYhWNlDdGLXndRLmIkVfIGgNgSOPqf2ywkMA67m2kOYnOAc2IGXkN1XVbmXebKKBmvzHZzFVhsKnwjAmu01WUOWiceLH2OzTi2kRDJFimh55MUbVldHuj1W1w4QI2yq-goghry7YN_xZHHwJjEUjvhmsovzD6NjasO0PEbnl3YB83Pd0UdLW9aWZ6iXhFhCIeqJo_dhwIxGcYkptHoI9w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoAtmHDSAY82YCofM3gOE07KICMme0rFc9eqhhogBwI23ARABIABgkYSAgPwXggEXY2EtcHViLTQ3ODgwODMyMTkyMjQyNzjIAQmpAu9kQzshd7E-qAMBqgTQAU_QDnac6cZ6NuA18f07f480LpaU1P2Am_dF2iaAJ_gXILhWrYrPUm2PoNyQf8Ntn4_9dkLh1aQm-BJ7cqafYifShhQW4tP7UEkdKwv99AQDO86VFz9RafpG4mSiHaCqAQ9jS5pNBWR_gCmmNkwL9DcDiguY7XNwp-aFzyxc6WOw3FILb97tF5YssOKc8EOHCBqTV7Zv6yRxrEyUITn_73VP-8m71LFTT6yk5s3plMnG8uc6ap_rXMgLhPUhjmecUP6HbR6bXWTUKPPGH0OuG1eABsPs8tbv-NGcsgGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eTpjR-YdJrQfInKNDni71PSsLSg%26client%3Dca-pub-4788083219224278%26adurl%3D
Frame ID: 52D9BD8E7C4D12C23AA36984278BBBCA
Requests: 16 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6AC94360910067863849D9EA60443D59
Requests: 9 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4788083219224278&output=html&h=280&adk=840009040&adf=1699799073&pi=t.aa~a.2054722437~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669346332&rafmt=1&to=qs&pwprc=6292441334&format=1200x280&url=https%3A%2F%2Fsci-hub.hkvisa.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669346332134&bpp=1&bdt=1133&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De5e7a44c28126fd6-22ae39e98dd70038%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MaVQ_9zivGaLfp3HwZr1NEFmos1mA&gpic=UID%3D00000b86bebd923b%3AT%3D1669346331%3ART%3D1669346331%3AS%3DALNI_MY0Quv-pA7XR9IWQn5Qc7xiAhBshA&prev_fmts=970x90%2C1200x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1005x124&nras=7&correlator=8293296417033&frm=20&pv=1&ga_vid=1808102053.1669346332&ga_sid=1669346332&ga_hid=137485858&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4266&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070949&oid=2&psts=AMjMPc2bz1JR3AC4qE3ZZNzUG_GuIA6MdJOjfdpoTGa099LF26GXMvhCE_8Q1lhaHCBzLa_1z7q8XJoVwW4rZjQ&pvsid=535695595458532&tmod=293220421&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=BJTd801RTa&p=https%3A//sci-hub.hkvisa.net&dtd=208
Frame ID: CEB1245EACE4075410B8413F3A77A540
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C9E0909BB1B4A3E53E5D98A8BD1483FD
Requests: 2 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 1FE45DC157C83C96F884B003015F571D
Requests: 1 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 64703A14D2FB9B2EFD1F037FEB0E3962
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 51C15E347B60FBC6EDFB186BC42A1FDF
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: DF5AD41BB52255BAF811BA914D4696C9
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Sci-HubDetected technologies
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://pluso.ru/
Search URL Search Domain Scan URL
URL: https://vk.com/sci_hub
Search URL Search Domain Scan URL
URL: https://twitter.com/Sci_Hub
Search URL Search Domain Scan URL
URL: https://www.facebook.com/sci.hub.org
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 56- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
- https://d.agkn.com/pixel/2175/?google_gid=CAESEMVyB4FYxKdCcgKCVYEFfxE&google_cver=1&google_push=ASkJ3Fbq-cX-vGPwJdg0KauVocUfZHYaAsczuPuQGn6hYbxoi_X_7RN2-rdrrCbxJAeZZ3DNu0BOFAvfGnNikrgDZgIJdLyxWuM HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3Fbq-cX-vGPwJdg0KauVocUfZHYaAsczuPuQGn6hYbxoi_X_7RN2-rdrrCbxJAeZZ3DNu0BOFAvfGnNikrgDZgIJdLyxWuM&google_hm=Q0FFU0VNVnlCNEZZeEtkQ2NnS0NWWUVGZnhF
- https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFlc4LQ8V2SlcZeXGmuKa6E&google_cver=1&google_push=ASkJ3Fbxe9Bl8tbsfRunr0WUd1TnG8P_k09_xe35YqsymiN5winIKtx4vWUvA06XlGcN4WaOl_ftrzp6dW6imyid3oVZGTxuPDM HTTP 302
- https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFlc4LQ8V2SlcZeXGmuKa6E&google_cver=1&google_push=ASkJ3Fbxe9Bl8tbsfRunr0WUd1TnG8P_k09_xe35YqsymiN5winIKtx4vWUvA06XlGcN4WaOl_ftrzp6dW6imyid3oVZGTxuPDM&rdf=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Rzzc1tg2SJ-z5CIXIeO-Bg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fbxe9Bl8tbsfRunr0WUd1TnG8P_k09_xe35YqsymiN5winIKtx4vWUvA06XlGcN4WaOl_ftrzp6dW6imyid3oVZGTxuPDM
- https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKvAhfJN8X9Vksx-xTnia44&google_cver=1&google_push=ASkJ3FYqvHqLC-YbTBzowF-dxarZBlZKXgpBhIdVGsRcPmlsE-GeXvMI2lMCBmL33PKMU6EbGY4LkvHzXxBuVwl0byd9dTdOvos HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFWWFBEVVgtMUMtOUw2UQ==&google_push=ASkJ3FYqvHqLC-YbTBzowF-dxarZBlZKXgpBhIdVGsRcPmlsE-GeXvMI2lMCBmL33PKMU6EbGY4LkvHzXxBuVwl0byd9dTdOvos
- https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOoXAb1DRRJI4qvgTO-gCqs&google_cver=1&google_push=ASkJ3Fak-um0NMYcs2FBRSOrKhvKNXawG0iTsd3nwqMM_FJ96kO2v-rb-Ds3fXQS4udkJK-jNdmwV0ZYzJ_tMwRd5qZra7U4MgU HTTP 302
- https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOoXAb1DRRJI4qvgTO-gCqs&google_push=ASkJ3Fak-um0NMYcs2FBRSOrKhvKNXawG0iTsd3nwqMM_FJ96kO2v-rb-Ds3fXQS4udkJK-jNdmwV0ZYzJ_tMwRd5qZra7U4MgU&s=184023&C=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOoXAb1DRRJI4qvgTO-gCqs&google_hm=Y4A0HGtkab83f8lQlwxz9gAABIYAAAIB&google_nid=index&google_push=ASkJ3Fak-um0NMYcs2FBRSOrKhvKNXawG0iTsd3nwqMM_FJ96kO2v-rb-Ds3fXQS4udkJK-jNdmwV0ZYzJ_tMwRd5qZra7U4MgU
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
- https://a1.adform.net/adfserve/?bn=53543643;1x1inv=1;srctype=3;gdpr=1;;ord=6380341cefa7536dbc8b46d997725d21 HTTP 302
- https://mm.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-1x1_en&ead-creative=OthersEMEA-criteo-c_eastersale_OtherEMEA-1x1_en&ead-creativetype=1x1_en&eseg-name=campaign&eseg-item=eastersale&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=53098&adfrmid=0 HTTP 302
- https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=criteo&ead-name=3_EMEA_PT_C_OthersEMEA_p-criteo&ead-location=display_Prospecting_OthersEMEA-1x1_en&ead-creative=OthersEMEA-criteo-c_eastersale_OtherEMEA-1x1_en&ead-creativetype=1x1_en&eseg-name=campaign&eseg-item=eastersale&ead-mediaplan=OthersEMEA-Prospecting&ea-rnd=53098&adfrmid=0
- https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1 HTTP 302
- https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.hkvisa.net/;hSci-Hub;1
113 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
sci-hub.hkvisa.net/ |
27 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.js
img.sci-hub.shop/scihub/ |
248 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
openapi.js
img.sci-hub.shop/scihub/ |
94 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
medal.png
img.sci-hub.shop/scihub/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
key_1.png
img.sci-hub.shop/scihub/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
143 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
top-back.jpg
img.sci-hub.shop/scihub/ |
184 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo_en.png
img.sci-hub.shop/scihub/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
raven_1.png
img.sci-hub.shop/scihub/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
map.jpg
img.sci-hub.shop/scihub/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
about-marker_en.png
img.sci-hub.shop/scihub/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
quote.png
img.sci-hub.shop/scihub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
quotenext_en.png
img.sci-hub.shop/scihub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pone.png
img.sci-hub.shop/scihub/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ptwo.png
img.sci-hub.shop/scihub/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pthree.png
img.sci-hub.shop/scihub/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
people.jpg
img.sci-hub.shop/scihub/ |
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
join_en.png
img.sci-hub.shop/scihub/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
joinvk.png
img.sci-hub.shop/scihub/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jointwitter.png
img.sci-hub.shop/scihub/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
joinfacebook.png
img.sci-hub.shop/scihub/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pluso-like.js
img.sci-hub.shop/scihub/ |
41 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ |
355 KB 117 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 1AAC |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
387 B 694 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.nl/adsid/ |
107 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4BB8 |
71 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 2798 |
436 B 236 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame F001 |
112 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13457520648148829245
tpc.googlesyndication.com/daca_images/simgad/ Frame 4BB8 |
92 KB 92 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 4BB8 |
23 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4BB8 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4BB8 |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BB8 |
154 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 4BB8 |
34 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 4BB8 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ |
150 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
integrator.js
adservice.google.nl/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 2206 |
26 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 2276 |
436 B 237 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 58D4 |
436 B 237 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame DDE2 |
436 B 237 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7FCB |
143 B 166 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
redir.html
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 8818 |
247 B 964 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 127E |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4BB8 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 127E |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
14121081352059290281
tpc.googlesyndication.com/simgad/ Frame 127E |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 127E |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 127E |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 127E |
154 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 127E |
34 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7FCB Redirect Chain
|
0 17 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2206 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2206 |
18 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
www.google.com/ads/measurement/ Frame 2206 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2206 |
154 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 2206 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 2206 |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
afr.php
ads.eu.criteo.com/delivery/r/ Frame 52D9 |
122 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6AC9 |
1 KB 643 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
iframe.html
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 8818 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
integrator.js
adservice.google.nl/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame CEB1 |
436 B 230 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame C9E0 |
143 B 166 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 2206 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dpixel
cms.quantserve.com/ Frame 6AC9 |
35 B 464 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 6AC9 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dds
rtb.openx.net/sync/ Frame 6AC9 |
43 B 351 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 6AC9 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 6AC9 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 6AC9 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trk
ag.innovid.com/ Frame 6AC9 |
43 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
attr
cm.g.doubleclick.net/pixel/ Frame 6AC9 |
0 223 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame C9E0 Redirect Chain
|
0 17 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
privacy_small.svg
static.criteo.net/flash/icon/ Frame 52D9 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 52D9 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close_button.svg
static.criteo.net/flash/icon/ Frame 52D9 |
308 B 636 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
back_button2.svg
static.criteo.net/flash/icon/ Frame 52D9 |
293 B 621 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 52D9 |
43 B 348 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1x1.b
mml1.melia.com/dynview/melia-com/ Frame 52D9 Redirect Chain
|
111 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 1FE4 |
36 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 6470 |
36 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 52D9 |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animejs.js
static.criteo.net/animejs/ Frame 52D9 |
12 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img
pix.eu.criteo.net/img/ Frame 52D9 |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img
pix.eu.criteo.net/img/ Frame 52D9 |
57 KB 58 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
all
csm.eu.criteo.net/ Frame 52D9 |
0 128 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
privacy.svg
static.criteo.net/flash/icon/ Frame 52D9 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ Frame 52D9 |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 52D9 |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 52D9 |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
process
share.pluso.ru/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
process
share.pluso.ru/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hit;PLUSO
counter.yadro.ru/ Redirect Chain
|
43 B 528 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
14 KB 11 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
06.png
share.pluso.ru/img/pluso-like/square/medium/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
plus.png
share.pluso.ru/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
kb.js
kitbit.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 51C1 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
aframe
www.google.com/recaptcha/api2/ Frame DF5A |
783 B 535 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
pagead2.googlesyndication.com/bg/ Frame 51C1 |
36 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame DF5A |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 51C1 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BB8 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6.gif
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 8818 |
35 B 583 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6.gif
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 8818 |
35 B 583 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- img.sci-hub.shop
- URL
- https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=gS9dCzCmmIiudqBD&first=1
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.hkvisa.net%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=mOM4Sx6RMqUXtuqV
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/img/pluso-like/square/medium/06.png
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/img/plus.png
- Domain
- kitbit.net
- URL
- https://kitbit.net/kb.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sci-Hub (Consumer)60 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go string| allurl object| adsbygoogle number| ifpluso object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| pluso function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| google_llp object| googletag object| k string| pt object| s object| GoogleGcLKhOms20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .hkvisa.net/ | Name: __gads Value: ID=e5e7a44c28126fd6-22ae39e98dd70038:T=1669346331:RT=1669346331:S=ALNI_MaVQ_9zivGaLfp3HwZr1NEFmos1mA |
|
| .hkvisa.net/ | Name: __gpi Value: UID=00000b86bebd923b:T=1669346331:RT=1669346331:S=ALNI_MY0Quv-pA7XR9IWQn5Qc7xiAhBshA |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlogbYwm5a9XnL5QMTTyoZLJ_6l2sQkUpfRQRo6hIc5ESUSoyUOJIZpd4BHv00 |
|
| .doubleclick.net/ | Name: DSID Value: NO_DATA |
|
| .quantserve.com/ | Name: d Value: EGsBCQHUJ4EA |
|
| .quantserve.com/ | Name: mc Value: 6380341c-7804f-8f97f-ff38b |
|
| .casalemedia.com/ | Name: CMID Value: Y4A0HGtkab83f8lQlwxz9gAA |
|
| .casalemedia.com/ | Name: CMPS Value: 1158 |
|
| .casalemedia.com/ | Name: CMPRO Value: 1158 |
|
| .agkn.com/ | Name: ab Value: 0001%3AWMITl%2B%2F%2Fog4nhVXZUe6nBDR0V%2B8Nrvgh |
|
| .agkn.com/ | Name: u Value: C|0CEArEvCcKxLwnAAAAAAAAQ13AQCAAQpAAAAAAA |
|
| .pubmatic.com/ | Name: KTPCACOOKIE Value: YES |
|
| .casalemedia.com/ | Name: CMTS Value: 1175 |
|
| .pubmatic.com/ | Name: KADUSERCOOKIE Value: 473CDCD6-D836-489F-B3E4-221721E3BE06 |
|
| .innovid.com/ | Name: uuid Value: 1d7c083b-2eb4-4bdb-8b6d-5f28162f70cf-20221124 22:18:52 |
|
| .melia.com/ | Name: etuix Value: PdfVCdbi.OoLC6oqSPsYnDoPpuKSmrbxQEYsXfsXhR1.vxgj9YWrRA-- |
|
| .melia.com/ | Name: et0 Value: MAMkSMqp9N2ONmJ.k6yfoT.kXV2S_B5uwEsQYQFu3QxZvfDu1vFGX6mWK2xQ2DGA07ipBSR0mVuwYB06EUA4zlteQumI3FUt7RCO9iI_paDzI7wd3vcP1K7_9vqc0.ScTsE- |
|
| .melia.com/ | Name: et Value: 1 |
|
| .yadro.ru/ | Name: FTID Value: 1ZW3GT0WwYeS1ZW3GT003I65 |
|
| .yadro.ru/ | Name: VID Value: 1slByy1g15eS1ZW3GT003I6P |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a1.adform.net
ads.eu.criteo.com
adservice.google.com
adservice.google.nl
ag.innovid.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
csm.eu.criteo.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
img.sci-hub.shop
kitbit.net
mm.melia.com
mml1.melia.com
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i1-v6exp3.v4.metric.gstatic.com
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-374953-i2-v6exp3.ds.metric.gstatic.com
p4-aglt7ik3jafnc-ruph6cmiidovtjsf-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.openx.net
sci-hub.hkvisa.net
share.pluso.ru
ssum-sec.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
img.sci-hub.shop
kitbit.net
share.pluso.ru
109.232.197.110
109.232.197.33
142.250.185.178
142.250.186.34
172.217.18.3
172.64.154.237
178.250.0.160
185.64.190.78
2606:4700:3034::6815:9e6
2606:4700::6811:180e
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2012
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:1::3
2a02:2638::2
2a02:2638::21
2a02:2638::b
2a02:2638::c
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
2a06:98c1:3120::3
3.74.33.199
35.227.252.103
37.157.5.142
69.173.144.139
88.212.202.52
0609b70c35eab974a2c2d99d6da5d84d95b97f9fe3d28828710d04835153cb20
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bbed289b492cde6a9b64335696cb13f6ac8e08724621c957e49a76f99af2b85
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
391ed2f12f92968f164c061b48e5421254b9aae4dfce080b727d60dd6c1cb72e
3d84c266858963761eaf0f3401b47e6c5a420fa4e4b880f1498d4fbe6839ef30
42010ba524f3ea737e3d41bb92a10c105625b4fb795dd519e0f67bfbc1903bcc
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
4bbdcb09e492ff91a959b3b35de39171490a39aac363de87d1ed68efeb213591
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a04321444a016617e7da98a71683d5fb5a24c3a8084032740a50494abd8027
54135129dcac3ee8bbe4a1d8ed866f39e320e7a314167bf0cd41d744142bf324
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5e9886efb158b88770725a55ac8d2d56244402e2f457b64a3d78907204c0a07a
5fc2ba571f4475f6e5eff92391043127ebd055aee790b7ed3042f27e12e1a55a
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632baaa9c4c2f9abdb96e28029823d7657b2e4a08f07bce8c45f33bad667ac68
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
6e8bc2950f851277ea0e8bdea593e69a443e4d38ab60b52defbbc8d7c7324d8e
6fefbaa69218dfffd02274f14a6f36ce6140a87bb717859f09faa53a31be8dd6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76da45c5de5b043432845901661a41d9e3c3647c28c1f3abb7358dda6dcb2b19
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7db5a98c3d10154414d713f1c0a8d706987f8c339bcc4e03c416b66348e7597f
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
856c5109bfab13b4d241af6d25d10243cdf3564dd9077062c6bb2964b5a486ce
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d779579711a979493eeeef2135cc007f4f074cfe4eed080fbc38cd6880cf4f2
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
be9fade1e93b1f788799813877ca8bc17828798312ae91d1063d2f467417b904
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
d895216f9071280742af829a0b009922ae7220d10e01c7f998a483ee99d59dbf
d9e335ba116fdffcc531dc8aa09ac95f977b0946cd861c5c5a7bcaab1ef19040
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bb7cad6b7006b254ae8a148aaadab89dfb1c8bcaaf6667d28b32f660b18dd
e79c3a1a712092d5cf1b0b5242659581a86a2d300bacfe23acc8e933e25f9591
e7b96a72007d3c26795541e214c8183b5f276b45dea7789168d87b2eeef3c116
e82a6368a16f181dd7ecbc1c979824a5bd849a5c2adae6ebae0908cdb719c8e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f80f17fdf5fd8fda133b7d8842f4f0edc56a9db856907850ecc980a2a8391870
f928a234401ee90d4557598e460a2c199e0baf8bcb70eb9930ccd899c386df27
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28