sci-hub.tf Open in urlscan Pro
172.67.167.20 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sci-hub.tf/
Effective URL:
https://sci-hub.tf/
Submission: On October 28 via manual (October 28th 2021, 11:17:36 pm UTC) from IN — Scanned from DE

Summary HTTP 40 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 40 HTTP transactions. The main IP is 172.67.167.20, located in United States and belongs to CLOUDFLARENET, US. The main domain is sci-hub.tf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 11th 2021. Valid for: a year.

This is the only time sci-hub.tf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 2	172.67.167.20 172.67.167.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	104.21.9.230 104.21.9.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	37.200.67.211 37.200.67.211	49505 (SELECTEL) (SELECTEL)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3	31.131.252.94 31.131.252.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
3	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	195.181.175.55 195.181.175.55	60068 (CDN77 ^_^) (CDN77 ^_^)
1	104.21.21.220 104.21.21.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
5 8	185.15.175.159 185.15.175.159	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 2	185.15.175.137 185.15.175.137	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
40	11

2 172.67.167.20 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sci-hub.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.21.9.230 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sci-hub.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.200.67.211 (Russian Federation)

ASN49505 (SELECTEL, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.131.252.94 (St Petersburg, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

kitbit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.55 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-53.cdn77.com

p1.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.21.220 (United States)

ASN13335 (CLOUDFLARENET, US)

optinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.15.175.159 (Russian Federation) 5 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.137 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

fnc.rt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	sci-hub.shop img.sci-hub.shop	585 KB
11	digitaltarget.ru 5 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	25 KB
4	pluso.ru share.pluso.ru	27 KB
3	kitbit.net kitbit.net	2 KB
2	rt.ru 1 redirects fnc.rt.ru	986 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	sci-hub.tf 1 redirects sci-hub.tf	7 KB
1	rktch.com ut9.rktch.com	88 B
1	optinder.com optinder.com	531 B
1	ntvk1.ru 1 redirects p1.ntvk1.ru	380 B
40	10

	Domain	Requested by
21	img.sci-hub.shop	sci-hub.tf
8	dmg.digitaltarget.ru	5 redirects
4	share.pluso.ru	img.sci-hub.shop
3	tag.digitaltarget.ru	kitbit.net tag.digitaltarget.ru
3	kitbit.net	img.sci-hub.shop kitbit.net
2	fnc.rt.ru	1 redirects
2	counter.yadro.ru	1 redirects
2	sci-hub.tf	1 redirects
1	ut9.rktch.com
1	optinder.com
1	p1.ntvk1.ru	1 redirects
40	11

This site contains links to these domains. Also see Links.

Domain
pluso.ru
vk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sci-hub.tf Cloudflare Inc ECC CA-3	`2021-09-11` - `2022-09-10`	a year	crt.sh
sci-hub.shop Cloudflare Inc ECC CA-3	`2021-06-21` - `2022-06-20`	a year	crt.sh
*.pluso.ru R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
*.kitbit.net Let's Encrypt Authority X3	`2018-11-05` - `2019-02-03`	3 months	crt.sh
tag.digitaltarget.ru R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
ut9.rktch.com R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sci-hub.tf/
Frame ID: 6CF07E33FB8F665640231A3CE211A935
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sci-Hub journal:latest sci-hub mirror links

Page URL History Show full URLs

http://sci-hub.tf/ HTTP 301
https://sci-hub.tf/ Page URL

Page Statistics

40
Requests

65 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

643 kB
Transfer

980 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://vk.com/sci_hub

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sci-hub.tf/ HTTP 301
https://sci-hub.tf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.tf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.tf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1

Request Chain 31

https://p1.ntvk1.ru/nps HTTP 302
https://optinder.com/cro

Request Chain 35

https://dmg.digitaltarget.ru/1/7208/i/i?i=227108299437101.444804169020858&c=tg:adcm_pc HTTP 302
https://dmg.digitaltarget.ru/1/7208/i/i?i=227108299437101.444804169020858&c=tg:adcm_pc&q=scc

Request Chain 36

https://dmg.digitaltarget.ru/1/6534/i/i?i=227108299437101.336538581059017&c=tg:adcm_pc HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=227108299437101.336538581059017&c=tg:adcm_pc HTTP 307
https://fnc.rt.ru/1/6532/i/i?i=ZN0spvZvS2ruWak7H3X1&c=tg:rds_6534 HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=ZN0spvZvS2ruWak7H3X1&c=tg:rds_6534&q=scc

Request Chain 37

https://dmg.digitaltarget.ru/1/1086/i/i?i=227108299437101.464091457993011&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.464091457993011&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 38

https://dmg.digitaltarget.ru/1/1086/i/i?i=227108299437101.562267623421604&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.562267623421604&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_noorient

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sci-hub.tf/
Redirect Chain

http://sci-hub.tf/
https://sci-hub.tf/

27 KB
7 KB

784ms
746ms

Document
text/html

172.67.167.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sci-hub.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92df880056dcf753454d647e9b6fa89eeba036a7d3dc0264eafacb3f7fde08e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 28 Oct 2021 23:17:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
expires: Fri, 29 Oct 2021 11:17:28 GMT
cache-control: max-age=43200 no-cache
x-cache: MISS MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFKUQ6%2B5%2BWQoGTVF2MBa2Dfi%2FU828eMCIkdJ4hMHPnQLkgv3ziWsr6By5BI2BVKwoA8Q3s7WvZXJ9Lh8cvyT2VSfDB38TsqhsuNiT1Wgsc5p%2BFykpKEuxmUDjEt8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a57e0b3ab7e40b1-CDG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 28 Oct 2021 23:17:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 29 Oct 2021 00:17:28 GMT
Location: https://sci-hub.tf/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=podaL%2Fhqf0AH7RGef%2FoGqFxJnEqLMWfiUBtZBgmY%2B8xH%2BIeqhk32%2B7W%2BMXw9vQRs73ZMDTUi3jiQsnBoznrSEzdL0X%2FtmI1u9FkBe8REJycwYLdRMp0278PSjPrn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a57e0b338033b07-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-3.1.1.min.js Show response
img.sci-hub.shop/scihub/ 85 KB
31 KB 394ms
26ms Script
application/javascript 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-3.1.1.min.js
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
server: cloudflare
etag: W/"5c00bb7c-152b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcuCkfiGK5BMFuvF6dcMy%2FBTHdOt67RMkEOn4SaD7N3%2F0YLuRzUW%2FKhjL76MAH2vDbLlJ298OIgJO8PTeKUTm5vEJrkB29DU3au0%2BgX0Xd%2Fi4xrH1aCDQcCtKIVXGBHwwWLP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6a57e0babf3139ab-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
img.sci-hub.shop/scihub/ 248 KB
68 KB 396ms
29ms Script
application/javascript 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/jquery-ui.min.js
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
server: cloudflare
etag: W/"5c13665c-3dee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxdFfM%2FzzreWJQMzYUWNr7fTwtA10YHn4%2BH4CUWQJLSRs%2FwQnu8MRKf3%2BT%2B8Y041PnOyE0MIjUPnyVCIquRGn48jA0iw1zOCaiyMADAiRR2z4awuoDLs05bcSh9ABBor1Bu6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6a57e0babf3239ab-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 openapi.js Show response
img.sci-hub.shop/scihub/ 94 KB
24 KB 392ms
25ms Script
application/javascript 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/openapi.js
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
server: cloudflare
etag: W/"5c00bb8c-1798d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nid0%2FuDjdyHKG8huFA6pLywHOwvpAyuJq0Rit0le%2Bpk1cVBkoIqWuBpN4QBgPNLpsR5V%2BHKU%2BL7Npw%2F6FEqwWlWoAj7%2Fn9LPNM7C%2Fz6Qs1XvgPxRNbEIUt%2BWBx8liX%2B0zIGo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6a57e0babf3339ab-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 medal.png
img.sci-hub.shop/scihub/ 22 KB
22 KB 22ms
22ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/medal.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155907
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22275
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
etag: "5c00d512-5703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zG9k9N2vZLvj5Pm8OKGnB7WYYX88TKkmY2bQSAYQX%2FNpPr8NkGof3OydsQGDHTKalD%2F%2FzrSZUEPNWSo5jKtaHTYzRSDTAx5LdAHOhARfhVbX6p3z3iPK66kZdVu3BGhjWVN%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0baff7039ab-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 key_1.png
img.sci-hub.shop/scihub/ 8 KB
9 KB 21ms
20ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/key_1.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8428
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
etag: "5c00d514-20ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnAxyq9%2ByDEBHwGjIIjyuvQYtGKVX1FVIcgfE462ROG1xfkeN3FThQJh9Z%2B7fcUxGwUCmWRTE5rAJUzMPsoZYuRrA0zd52Bzp2428uVoDCzjuXD25k65VPUvhBU2iYEvCqq%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb0f8839ab-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 top-back.jpg
img.sci-hub.shop/scihub/ 184 KB
185 KB 26ms
26ms Image
image/jpeg 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/top-back.jpg
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 188646
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
etag: "5d7f7d3e-2e0e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNoBOcMgppC0p%2BRblOadCQ0YGhLREUFWeF96FUJT8ydKMfrVRKypAYsgeIy0px3ly3xxzkE3JT%2FvxxV7Qnz6SfN%2FKaZs3bwpmZN7fVSse0LRkQujPrwxLdU1oD5JSuCQawpl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb28bd32aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo_en.png
img.sci-hub.shop/scihub/ 14 KB
15 KB 93ms
92ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/logo_en.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14556
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
etag: "5c00d116-38dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCPVdBUfbJptkMNmYsR5bzYQmsSj7mgnFT%2BycqtEWDA%2Fl4DlGesbROkpGyN0fhszBDJbi6rASd2w7dJh8SMwySDvPm39bLseqXduSvJPg9VaAPdJ1qXC1tgwwYDohdMTiYxC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38c732aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 raven_1.png
img.sci-hub.shop/scihub/ 59 KB
59 KB 93ms
92ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/raven_1.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60144
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
etag: "5c00d110-eaf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbLASMZLMuKwcQ%2BsCaUSsFV167rN9so%2F8i8rixyREol3Mz6bZmTuGEwbsHEUsIDjaT1qR8sn6VTQyqkgyGUZDr8vD3MfGPOC4BVsoQj8pd8NLA2P%2BIm%2Fxja4%2BZFYvbLmlee3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38c932aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 map.jpg
img.sci-hub.shop/scihub/ 54 KB
55 KB 95ms
94ms Image
image/jpeg 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/map.jpg
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408649
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 55605
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
etag: "5c00d124-d935"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4dqaerqVBurMWilpRWocL8FGq1LeuOnw6%2F9%2BQuIIufTnXF90lT5aiDWPfvB0cHubvFu8NRvjFjAcaWmH9I5S8%2BDCRnEZfxFlteCdnyAEAaxBLsAE9OtttT%2F1RtWQdfKMe%2BD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38cc32aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 about-marker_en.png
img.sci-hub.shop/scihub/ 3 KB
4 KB 108ms
107ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/about-marker_en.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3361
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
etag: "5c00d12e-d21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKO5KUQf9UUFQfgZfHTxr6CpDCbWznrpbin8utjbQb7nfA7esBO7bluaKMXsSemAPamN3%2BKcHouhHm6QCcRVym59eXJv%2F3yqiFZ72fQnHetsLoBeMR0IAmSvPcYuV1vKWr7H"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d032aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 quote.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 108ms
107ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quote.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1068
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
etag: "5c00d138-42c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZsHFm%2F%2F6SMnSC%2B2sPJfLZHjwYyRmJjjDs8uklKOmm%2B4tGzzF3Db8XjDU3j8kRDNliOoMXHtUqZ67vlJ8isIbkopmXh%2BsFrZjBscao%2BrfpQTcX1TOCb63OSZMEQEb%2FM8DYb2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d132aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 quotenext_en.png
img.sci-hub.shop/scihub/ 1 KB
2 KB 109ms
107ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/quotenext_en.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1087
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
etag: "5c00d13e-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukcOCfM2kABBzYkSWWM4vg5YpIGm%2B4TbJRiw9WSPx2cFPGHydUENAtE8kViOiTOAsJ52EXe%2BmIT6p99GLVrP2k%2FZC1iLOmSlSFGPK8Ql2mfDmbMLwMf1EeP35Prf4%2F03Nt0W"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d232aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pone.png
img.sci-hub.shop/scihub/ 2 KB
2 KB 109ms
107ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pone.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1637
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
etag: "5c00d144-665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3ozKI8ne%2Bae5wgIiNAKLL1yU0wGqEUwM9X0quhsMNYM4Ve60si7v7gE6e8xfnAcY15Sws3FFrsfU7tcZ44TOLQ6h%2BuJrRXBxHmbcHXLG8W6X5MczZp80SLsRwG6fpbwLiDI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d432aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ptwo.png
img.sci-hub.shop/scihub/ 4 KB
4 KB 109ms
107ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/ptwo.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3907
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
etag: "5c00d14a-f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyC0mu3yxcV4a2caQ15iewdPiLCxFwmCpVvsLD2lmpaS7w3l938F2LOM5Sl5N3OwB5Z38nVa5Npr4gKKABEIqz%2FO1KIG8yBIHixPp73KAI2CFKTD2dqe5nuRoEbYyi%2FySg0t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d532aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pthree.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 109ms
107ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/pthree.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4278
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
etag: "5c00d150-10b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTd51zDd4l%2Fxf6T1xB01%2F0raRDjrUd5wTXOWerwYGqf8gui%2BPhcvb9xDS6aS6Xtm1AUkMkd43qa25leg9Es%2FD8%2Bc9CWQZZoWK016LSiVAqlYzG3g4rwWkeAg9pdGLwSQdHcK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d632aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 people.jpg
img.sci-hub.shop/scihub/ 50 KB
51 KB 111ms
109ms Image
image/jpeg 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/people.jpg
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51212
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
etag: "5c00d164-c80c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8acWVCOU83nB5dJ%2BatUdecWb4%2FRMqGe73RydO7XOFaVwuWbT9g8BY2iWe33MEFFkn9JQPIwAn7tcoKh3jijalxziiuKHh1kG8WUknxUF6ZeGH7Rvlft2QELFyv8PMbIhDrd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d732aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 join_en.png
img.sci-hub.shop/scihub/ 6 KB
7 KB 112ms
111ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/join_en.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6197
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
etag: "5c00d180-1835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCVm41WsY2YQLoo3oyhx2lAA5cFh9uN%2FtDveLE0BuMsyXkPPEAmXbUhg%2BAzeUdS9Qh6gcLAViKM51IfAr3ZbhGKwqfj3NN4IkszCbS84jYLMTmLV1d1CGts%2Bv%2FT97oW1De62"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d832aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 joinvk.png
img.sci-hub.shop/scihub/ 17 KB
18 KB 112ms
111ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinvk.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143811
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17834
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
etag: "5c00d186-45aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tj7YyRIPZiY%2BJ92F5w%2FLZ7ZSJ0m7u36jHUeZ%2BfBi7tbkbO3QV9%2FId9B8a4bf4I0zpy6GdBivfFPBnQq2CZG8MN5R7tx56awnxGvH2w8%2F1PvJdLXIfvBY6VfIGnDzl%2FuHhBUx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38d932aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jointwitter.png
img.sci-hub.shop/scihub/ 6 KB
6 KB 113ms
112ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/jointwitter.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 155129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5751
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
etag: "5c00d192-1677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zstgT7JDYN0HNqgJcK4JYXtWvi2WbIwHCkXYddRnbsPdiKkg7n2T5zdxDJXqO%2BG3%2BWbFz%2BZXo7e9Lw808DB95S%2F9J%2BG%2FP8S6A3omqum3XgD0Of%2Ft%2B9%2FZ7QAI%2FtuyflyOmcYd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38da32aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 joinfacebook.png
img.sci-hub.shop/scihub/ 4 KB
5 KB 114ms
112ms Image
image/png 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sci-hub.shop/scihub/joinfacebook.png
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4152
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
etag: "5c00d18c-1038"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBcii7R3ZcAijlaOQphGTlJFjwKr0Sm%2FD1XWkHJlVQ4r%2B1yj2WFtJSYAsIsTXWhxODq8CJUEVEPeF7zEzG4Yb9SNri4icYCSNqsdjAZrZnw60SVkOTJY3euG31D8fxwNRdqV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6a57e0bb38db32aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ 0
0

GET
H3 200 pluso-like.js Show response
img.sci-hub.shop/scihub/ 41 KB
13 KB 80ms
80ms Script
application/javascript 104.21.9.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sci-hub.shop/scihub/pluso-like.js
Requested by: Host: sci-hub.tf
URL: https://sci-hub.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.9.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
server: cloudflare
etag: W/"5c00bef8-a5cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c23rDH4RMXLPT6mqNhjS8oKAZ6ffXKQP9lkzhnNqTf952ybnH%2FBidXpyzgmqTE74T0aveu7PK96SboZXy5K%2BtEdWGkG6o37iDCMM6yCbomiaYNyWLMxd7zzk6%2FcW0I5h2Cdn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6a57e0bb690d32aa-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 113 B
460 B 372ms
38ms Script
application/javascript 37.200.67.211
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.tf%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=exPNQtRfavM5dN9s&first=1

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

cc36e536936889c17562c839f19d5b30629d52e68fc041c58faaf9adf9aef742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:19:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 113
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 113 B
460 B 372ms
38ms Script
application/javascript 37.200.67.211
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.tf%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=HcdbKzB53LTuuE8N

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

cc36e536936889c17562c839f19d5b30629d52e68fc041c58faaf9adf9aef742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:19:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 113
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sci-hub.tf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.tf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1

43 B
528 B

41ms
41ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.tf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Oct 2021 23:17:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 28 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Oct 2021 23:17:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//sci-hub.tf/;hSci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links;1
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 28 Oct 2020 21:00:00 GMT

GET
H/1.1 200
OK 06.png
share.pluso.ru/img/pluso-like/square/medium/ 23 KB
23 KB 407ms
72ms Image
image/png 37.200.67.211
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/pluso-like/square/medium/06.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:19:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-5b8f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 23439
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 375ms
37ms Image
image/png 37.200.67.211
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/plus.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.211 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:19:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK kb.js Show response
kitbit.net/ 1 KB
2 KB 401ms
84ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/kb.js

Requested by

Host: img.sci-hub.shop
URL: https://img.sci-hub.shop/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

7d1e65fbeedcdb09929432f1d9883bb989139a43d5699707bb9ece8bc0847e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:15:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmF7LxSE5wst+I68Ag==
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=21600, private
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Fri, 29 Oct 2021 05:15:32 GMT

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ 3 KB
3 KB 141ms
44ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:04 GMT
Server: nginx
ETag: "6168c22c-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H/1.1 200
OK s.js Show response
kitbit.net/ 1 B
303 B 86ms
86ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/s.js?u=https%3A%2F%2Fsci-hub.tf%2F

Requested by

Host: kitbit.net
URL: https://kitbit.net/kb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:15:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 28 Oct 2021 23:15:31 GMT

GET
H/1.1 200
OK h.gif
kitbit.net/ 43 B
537 B 172ms
85ms Image
image/gif 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//sci-hub.tf/&h=Sci-Hub%20journal%3Alatest%20sci-hub%20mirror%20links%26kbuid%3D5EFC831F142F7B612D0BE78402BC8EF8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:15:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmF7LxSE5wst+I69Ag==
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 28 Oct 2021 23:15:32 GMT

GET
H2

200

cro
optinder.com/
Redirect Chain

https://p1.ntvk1.ru/nps
https://optinder.com/cro

0
531 B

109ms
64ms

Image
application/octet-stream

104.21.21.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://optinder.com/cro
Protocol: H2
Server: 104.21.21.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:17:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2iyfdBkB8fNR8S8iXp4aRZ7qxOCSdA2AN9iCr4Jz8lnkO3%2FQx07DqBTppI6j6dTM80Qo%2Blxfvt2MQZuIN6srr8CUgOaYjqqcUcI7YNWh4VOkA85lospVzTyNWYataM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cf-ray: 6a57e0bfacde404f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

Redirect headers

x-77-nzt: AcO1rzVVU8+B
date: Thu, 28 Oct 2021 23:17:30 GMT
last-modified: Thu, 28 Oct 2021 23:17:29 GMT
server: CDN77-Turbo
x-77-nzt-ray: kAmuW11o1Ds=
x-77-cache: MISS
content-type: text/html; charset=UTF-8
location: //optinder.com/cro
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
x-cache: MISS
x-77-pop: frankfurtDE
content-length: 0
x-request-id: 711916249-2-1635463050.098
expires: Thu, 28 Oct 2021 23:17:29 GMT

GET
H/1.1 200
OK sud
ut9.rktch.com/ 88 B
88 B 224ms
58ms Image
image/png 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut9.rktch.com/sud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 88
Content-Type: image/png

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ 15 KB
15 KB 87ms
87ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=678768749613811
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:04 GMT
Server: nginx
ETag: "6168c22c-3cc1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15553

GET
H/1.1 200
OK extension_1086.js Show response
tag.digitaltarget.ru/extensions/ 475 B
719 B 44ms
44ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/extensions/extension_1086.js?i=633072608151009
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: ea5267ab8f48df1f085df89f320a63ffe30ae68c5b02d85ec0437e4cdcb6b7de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:05 GMT
Server: nginx
ETag: "6168c22d-1db"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 475

GET
H/1.1

404
Not Found

i
dmg.digitaltarget.ru/1/7208/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7208/i/i?i=227108299437101.444804169020858&c=tg:adcm_pc
https://dmg.digitaltarget.ru/1/7208/i/i?i=227108299437101.444804169020858&c=tg:adcm_pc&q=scc

0
452 B

88ms
88ms

Image
text/plain

185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/7208/i/i?i=227108299437101.444804169020858&c=tg:adcm_pc&q=scc
Protocol: HTTP/1.1
Server: 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Server: nginx
Connection: keep-alive
Content-Type: Not found: placement 7208
Transfer-Encoding: chunked
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/7208/i/i?i=227108299437101.444804169020858&c=tg:adcm_pc&q=scc
Date: Thu, 28 Oct 2021 23:17:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

404
Not Found

i
fnc.rt.ru/1/6532/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/6534/i/i?i=227108299437101.336538581059017&c=tg:adcm_pc
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=227108299437101.336538581059017&c=tg:adcm_pc
https://fnc.rt.ru/1/6532/i/i?i=ZN0spvZvS2ruWak7H3X1&c=tg:rds_6534
https://fnc.rt.ru/1/6532/i/i?i=ZN0spvZvS2ruWak7H3X1&c=tg:rds_6534&q=scc

0
430 B

46ms
46ms

Image
text/plain

185.15.175.137
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fnc.rt.ru/1/6532/i/i?i=ZN0spvZvS2ruWak7H3X1&c=tg:rds_6534&q=scc
Protocol: HTTP/1.1
Server: 185.15.175.137 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Server: nginx
Connection: keep-alive
Content-Type: Not found: placement 6532
Transfer-Encoding: chunked
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/6532/i/i?i=ZN0spvZvS2ruWak7H3X1&c=tg:rds_6534&q=scc
Date: Thu, 28 Oct 2021 23:17:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1086/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=227108299437101.464091457993011&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.x...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.464091457993011&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:d...

49 B
603 B

116ms
115ms

Image
image/gif

185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.464091457993011&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Protocol

HTTP/1.1

Server

185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 13
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.464091457993011&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1086/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=227108299437101.562267623421604&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.x...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.562267623421604&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:d...

49 B
602 B

99ms
99ms

Image
image/gif

185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.562267623421604&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_noorient

Protocol

HTTP/1.1

Server

185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sci-hub.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 9
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 28 Oct 2021 23:17:30 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=227108299437101.562267623421604&a=86&e=5EFC831F142F7B612D0BE78402BC8EF8&c=ss:86.up:5EFC831F142F7B612D0BE78402BC8EF8.sync:up.xdua:dunYYVXASNtIURYG1TOS850J.xps:xpsdl5AzCMJ2uANPZ2oS7VwLU.dn:sci_hub__tf.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.sci-hub.shop
URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 07:03:10	Name: FTID Value: 1XUo-J0yDk8B1XUo-J002SpJ
.yadro.ru/	1970-01-20 07:03:10	Name: VID Value: 23vf8A04cluB1XUo-J002Spw
.rktch.com/	1970-01-19 23:00:55	Name: b_uid Value: 35b528f6018ca1107c02993297a4cdd63431
sci-hub.tf/	1970-01-20 17:21:07	Name: _a_d3t6sf Value: dunYYVXASNtIURYG1TOS850J
.dmg.digitaltarget.ru/	1969-12-31 23:59:59	Name: visessid Value: f46a5082_17cc6f8e788_0000000000000585
.fnc.rt.ru/	1970-01-21 00:12:55	Name: viuserid Value: 5ibHOHr7O5u35555R2mB
.fnc.rt.ru/	1969-12-31 23:59:59	Name: visessid Value: 1ec59408_17c9d15d685_000000000007f7b5
.dmg.digitaltarget.ru/	1970-01-21 00:12:55	Name: viuserid Value: A3c2pEZvS2rUVEO7bozT

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://sci-hub.tf/ Message: Access to font at 'https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2' from origin 'https://sci-hub.tf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://dmg.digitaltarget.ru/1/7208/i/i?i=227108299437101.444804169020858&c=tg:adcm_pc&q=scc Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fnc.rt.ru/1/6532/i/i?i=ZN0spvZvS2ruWak7H3X1&c=tg:rds_6534&q=scc Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
dmg.digitaltarget.ru
fnc.rt.ru
img.sci-hub.shop
kitbit.net
optinder.com
p1.ntvk1.ru
sci-hub.tf
share.pluso.ru
tag.digitaltarget.ru
ut9.rktch.com
img.sci-hub.shop
104.21.21.220
104.21.9.230
172.67.167.20
185.15.175.132
185.15.175.137
185.15.175.159
195.181.175.55
31.131.252.94
37.200.67.211
88.212.201.204
89.108.97.2
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7d1e65fbeedcdb09929432f1d9883bb989139a43d5699707bb9ece8bc0847e3a
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92df880056dcf753454d647e9b6fa89eeba036a7d3dc0264eafacb3f7fde08e2
9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
cc36e536936889c17562c839f19d5b30629d52e68fc041c58faaf9adf9aef742
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5267ab8f48df1f085df89f320a63ffe30ae68c5b02d85ec0437e4cdcb6b7de
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

sci-hub.tf Open in urlscan Pro 172.67.167.20 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

40 Requests

65 %HTTPS

0 %IPv6

10 Domains

11 Subdomains

11 IPs

3 Countries

643 kBTransfer

980 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sci-hub.tf Open in urlscan Pro
172.67.167.20 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

65 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

643 kB
Transfer

980 kB
Size

8
Cookies

40 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!