scihub.bban.top Open in urlscan Pro
185.178.208.153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://scihub.bban.top/
Effective URL:
https://scihub.bban.top/
Submission: On January 24 via manual (January 24th 2020, 4:26:11 pm UTC) from PT

Summary HTTP 52 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 19 domains to perform 52 HTTP transactions. The main IP is 185.178.208.153, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is scihub.bban.top.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 16th 2020. Valid for: 3 months.

This is the only time scihub.bban.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sci-Hub (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 3	185.178.208.153 185.178.208.153	57724 (DDOS-GUARD) (DDOS-GUARD)
21	2606:4700:303... 2606:4700:3035::681f:5cc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	31.131.252.91 31.131.252.91	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
3	31.131.252.94 31.131.252.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
3	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 2	185.59.220.11 185.59.220.11	60068 (CDN77) (CDN77)
1 1	2606:4700:303... 2606:4700:3037::681f:5b66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	176.99.5.124 176.99.5.124	49352 (LOGOL-AS) (LOGOL-AS)
13 16	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	88.99.190.97 88.99.190.97	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
1	148.251.236.115 148.251.236.115	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2 2	185.15.175.137 185.15.175.137	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
52	15

3 185.178.208.153 (Russian Federation) 1 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

scihub.bban.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3035::681f:5cc9 (United States)

ASN13335 (CLOUDFLARENET, US)

img.scihub.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.131.252.91 (St Petersburg, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.131.252.94 (St Petersburg, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

kitbit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.11 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77, GB)
PTR: frankfurt-10.cdn77.com

p1.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681f:5b66 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

optinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.5.124 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d40625.acod.regrucolo.ru

ut9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.15.175.147 (Russian Federation) 13 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.190.97 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-app-1.community.moscow

matcher.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.237.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.236.115 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow

1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.137 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

fnc.rt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	scihub.ltd img.scihub.ltd	568 KB
19	digitaltarget.ru 13 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	26 KB
4	pluso.ru share.pluso.ru	27 KB
4	doubleclick.net googleads.g.doubleclick.net
3	upravel.com 2 redirects matcher.upravel.com sync.upravel.com 1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com	2 KB
3	kitbit.net kitbit.net	2 KB
3	bban.top 1 redirects scihub.bban.top	25 KB
2	eyeota.net ps.eyeota.net	688 B
2	rt.ru 2 redirects fnc.rt.ru	949 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	684 B
2	ntvk1.ru 1 redirects p1.ntvk1.ru	732 B
2	yadro.ru 1 redirects counter.yadro.ru	926 B
2	googlesyndication.com pagead2.googlesyndication.com	119 KB
1	rktch.com ut9.rktch.com	84 B
1	optinder.com 1 redirects optinder.com	406 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
0	cnzz.com Failed s5.cnzz.com Failed
52	19

	Domain	Requested by
21	img.scihub.ltd	scihub.bban.top pagead2.googlesyndication.com
16	dmg.digitaltarget.ru	13 redirects
4	share.pluso.ru	img.scihub.ltd
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tag.digitaltarget.ru	kitbit.net tag.digitaltarget.ru
3	kitbit.net	img.scihub.ltd kitbit.net
3	scihub.bban.top	1 redirects scihub.bban.top
2	ps.eyeota.net
2	fnc.rt.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	p1.ntvk1.ru	1 redirects
2	counter.yadro.ru	1 redirects
2	pagead2.googlesyndication.com	scihub.bban.top pagead2.googlesyndication.com
1	1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com
1	sync.upravel.com	1 redirects
1	matcher.upravel.com	1 redirects
1	ut9.rktch.com
1	optinder.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
0	s5.cnzz.com Failed	scihub.bban.top
52	22

This site contains links to these domains. Also see Links.

Domain
pluso.ru
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
scihub.bban.top Let's Encrypt Authority X3	`2020-01-16` - `2020-04-15`	3 months	crt.sh
scihub.ltd CloudFlare Inc ECC CA-2	`2019-11-18` - `2020-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.pluso.ru Let's Encrypt Authority X3	`2019-11-30` - `2020-02-28`	3 months	crt.sh
counter.yadro.ru COMODO ECC Domain Validation Secure Server CA	`2018-04-09` - `2020-04-08`	2 years	crt.sh
*.kitbit.net Let's Encrypt Authority X3	`2018-11-05` - `2019-02-03`	3 months	crt.sh
tag.digitaltarget.ru Let's Encrypt Authority X3	`2019-12-15` - `2020-03-14`	3 months	crt.sh
*.ntvk1.ru Sectigo RSA Domain Validation Secure Server CA	`2019-05-12` - `2020-05-11`	a year	crt.sh
*.rktch.com AlphaSSL CA - SHA256 - G2	`2019-05-11` - `2020-05-11`	a year	crt.sh
*.sync.upravel.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-04` - `2020-11-06`	a year	crt.sh
dmg.digitaltarget.ru Let's Encrypt Authority X3	`2019-12-15` - `2020-03-14`	3 months	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://scihub.bban.top/
Frame ID: 0AC0902EFADA0CDA4BCEE378C67BA428
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/zrt_lookup.html
Frame ID: 2595F54E7D27DDE3E9CF315FB5CBFEFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5161725087824909&output=html&h=280&slotname=5674932478&adk=1370283616&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1579883141&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fscihub.bban.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1579883141130&bpp=15&bdt=896&fdt=55&idt=55&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&correlator=6820979919995&frm=20&pv=2&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=131752&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=900&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=1450430547448003&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iAE3gnP4z1&p=https%3A//scihub.bban.top&dtd=67
Frame ID: 6E9EDCECA3173AD2EE575CCAF9627D89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5161725087824909&output=html&h=280&slotname=5674932478&adk=1918295296&adf=46123072&w=640&fwrn=4&fwrnh=100&lmt=1579883141&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=640x280&url=https%3A%2F%2Fscihub.bban.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1579883141145&bpp=5&bdt=912&fdt=84&idt=84&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6820979919995&frm=20&pv=1&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=656040&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=473&ady=3502&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=1450430547448003&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XFbprAYEpw&p=https%3A//scihub.bban.top&dtd=86
Frame ID: DBCBDD913E72F23489B85BC4135E8ACE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5161725087824909&output=html&adk=1812271804&adf=1573534164&lmt=1579883153&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fscihub.bban.top%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1579883153300&bpp=6&bdt=13067&fdt=7&idt=7&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x280%2C640x280&nras=1&correlator=6820979919995&frm=20&pv=1&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=656040&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&psts=AA2WTGNPhT9UhivPDyfPkDGqho_gnB__41_K8RR9XGoRKJJEURkwY3HqXac3S8cyq9o%2CAA2WTGMgLRqKthj0kvLdBsMRLxTIv65JBZf81yAH2bmZNXBP1L4tDiI94RlqdPFxtJcY&pvsid=1450430547448003&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&dtd=14
Frame ID: 2C44089194FB0F5457B4985BE4B42107
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://scihub.bban.top/ HTTP 308
https://scihub.bban.top/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

52
Requests

92 %
HTTPS

26 %
IPv6

19
Domains

22
Subdomains

15
IPs

3
Countries

790 kB
Transfer

1394 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

URL: https://twitter.com/Sci_Hub

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sci.hub.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://scihub.bban.top/ HTTP 308
https://scihub.bban.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//scihub.bban.top/;hSci-Hub%20links;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//scihub.bban.top/;hSci-Hub%20links;1

Request Chain 41

https://p1.ntvk1.ru/nps HTTP 302
https://optinder.com/cro HTTP 302
https://p1.ntvk1.ru/scn?sid=1579883153908

Request Chain 45

https://dmg.digitaltarget.ru/1/6499/i/i?i=864063723969323.302049535562999 HTTP 302
https://dmg.digitaltarget.ru/1/6499/i/i?i=864063723969323.302049535562999&q=scc HTTP 302
https://matcher.upravel.com/m?id=TPNyJXUx.Aur5555u7v1&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D HTTP 302
https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=1a496e69-c60f-4dab-9e07-fa87e664351e HTTP 302
https://sync.upravel.com/image?source=amberdata&id=cnuA36Ux.AuT5555uovs&rnd=943491001579557119007000000003870148 HTTP 302
https://1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com/image?source=amberdata&id=cnuA36Ux.AuT5555uovs&rnd=943491001579557119007000000003870148&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zY2lodWIuYmJhbi50b3AvIl19fQ

Request Chain 46

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D&bounce=1&random=1079654733 HTTP 302
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=oYlz1/9.aF557WlfWp5M7. HTTP 302
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=oYlz1/9.aF557WlfWp5M7.&q=scc

Request Chain 47

https://dmg.digitaltarget.ru/1/7023/i/i?i=864063723969323.359315323757962 HTTP 302
https://dmg.digitaltarget.ru/1/7023/i/i?i=864063723969323.359315323757962&q=scc

Request Chain 48

https://dmg.digitaltarget.ru/1/6534/i/i?i=864063723969323.583191721761789 HTTP 302
https://dmg.digitaltarget.ru/1/6534/i/i?i=864063723969323.583191721761789&q=scc HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=603594001579770453123000000001727615 HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=603594001579770453123000000001727615&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/6533/i/i?i=113390001579609849292000000000845425&a=774&e=1a5GXZ1xO55B5555Frdq

Request Chain 49

https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.889558217041515&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.xps:xpsLnugnvclA8UIQhtgSagmIa.dn:scihub__bban__top.dn:bban__top.tg:adcmjs_init%20adcmjs_noorient.cr: HTTP 302
https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.889558217041515&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.xps:xpsLnugnvclA8UIQhtgSagmIa.dn:scihub__bban__top.dn:bban__top.tg:adcmjs_init%20adcmjs_noorient.cr:&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=DQUj16m.LFlI5555bZ2T&i=872993001579767373651000000001799873 HTTP 302
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=DQUj16m.LFlI5555bZ2T

Request Chain 50

https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.392245539747963&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.xps:xpsLnugnvclA8UIQhtgSagmIa.dn:scihub__bban__top.dn:bban__top.tg:adcmjs_noorient HTTP 302
https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.392245539747963&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.xps:xpsLnugnvclA8UIQhtgSagmIa.dn:scihub__bban__top.dn:bban__top.tg:adcmjs_noorient&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=Ca96YZUx.A5m5555unSa&i=741948001579767373652000000001800076 HTTP 302
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=Ca96YZUx.A5m5555unSa

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
scihub.bban.top/
Redirect Chain

http://scihub.bban.top/
https://scihub.bban.top/

27 KB
8 KB

1003ms
909ms

Document
text/html

185.178.208.153
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://scihub.bban.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.153 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

923d0eb3f7100786e92c377a51cea8326cffc654b8595b44cd909f10770418a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests;

Request headers

:method: GET
:authority: scihub.bban.top
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
server: ngjit
content-security-policy: upgrade-insecure-requests; upgrade-insecure-requests;
set-cookie: __ddg1=uOJL4SWhzJ9DqrXoK8YE; Domain=.bban.top; HttpOnly; Path=/; Expires=Sat, 23-Jan-2021 16:25:39 GMT __ddg1=3zw6coH8aUy4f7TwDenG; Domain=.scihub.bban.top; HttpOnly; Path=/; Expires=Sat, 23-Jan-2021 16:25:39 GMT session=a468814da475dbd398e7a0573d5f86c4; expires=Wed, 22-Jul-2020 16:25:39 GMT; Max-Age=15552000; path=/; domain=.scihub.bban.top refresh=1579883139.6795; expires=Wed, 22-Jul-2020 16:25:39 GMT; Max-Age=15552000; path=/; domain=.scihub.bban.top session=a468814da475dbd398e7a0573d5f86c4; expires=Wed, 22-Jul-2020 16:25:39 GMT; Max-Age=15552000; path=/; domain=.scihub.bban.top refresh=1579883139.6795; expires=Wed, 22-Jul-2020 16:25:39 GMT; Max-Age=15552000; path=/; domain=.scihub.bban.top
date: Fri, 24 Jan 2020 16:25:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip

Redirect headers

Server: ngjit
Date: Fri, 24 Jan 2020 16:25:39 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://scihub.bban.top/
Content-Type: text/html; charset=utf8
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET
H2 200 jquery-3.1.1.min.js Show response
img.scihub.ltd/scihub/ 85 KB
29 KB 814ms
30ms Script
application/javascript 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scihub.ltd/scihub/jquery-3.1.1.min.js
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:28 GMT
server: cloudflare
age: 723073
etag: W/"5c00bb7c-152b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2678400
cf-ray: 55a35d5f695496b6-FRA
expires: Thu, 16 Jan 2020 19:34:28 GMT

GET
H2 200 jquery-ui.min.js Show response
img.scihub.ltd/scihub/ 248 KB
63 KB 820ms
36ms Script
application/javascript 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scihub.ltd/scihub/jquery-ui.min.js
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Dec 2018 08:14:20 GMT
server: cloudflare
age: 723073
etag: W/"5c13665c-3dee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2678400
cf-ray: 55a35d5f695996b6-FRA
expires: Thu, 16 Jan 2020 19:34:28 GMT

GET
H2 200 openapi.js Show response
img.scihub.ltd/scihub/ 94 KB
22 KB 815ms
31ms Script
application/javascript 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scihub.ltd/scihub/openapi.js
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:24:44 GMT
server: cloudflare
age: 723073
etag: W/"5c00bb8c-1798d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2678400
cf-ray: 55a35d5f695b96b6-FRA
expires: Thu, 16 Jan 2020 19:34:28 GMT

GET
H2 200 medal.png
img.scihub.ltd/scihub/ 22 KB
22 KB 805ms
21ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/medal.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 06:13:38 GMT
server: cloudflare
age: 723073
etag: "5c00d512-5703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5f695c96b6-FRA
content-length: 22275
expires: Sat, 15 Feb 2020 07:34:28 GMT

GET
H2 200 key_1.png
img.scihub.ltd/scihub/ 8 KB
8 KB 807ms
24ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/key_1.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 06:13:40 GMT
server: cloudflare
age: 723073
etag: "5c00d514-20ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5f695f96b6-FRA
content-length: 8428
expires: Sat, 15 Feb 2020 07:34:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 105 KB
37 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: scihub.bban.top
URL: https://scihub.bban.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91285367b72f1914b68b816737b661d5bf0feacea5eb13d82f07afc307222a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37758
x-xss-protection: 0
server: cafe
etag: 2666222445168403179
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jan 2020 16:25:41 GMT

GET z_stat.php
s5.cnzz.com/ 0
0

GET
H2 200 top-back.jpg
img.scihub.ltd/scihub/ 184 KB
185 KB 19ms
19ms Image
image/jpeg 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/top-back.jpg
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Sep 2019 12:17:02 GMT
server: cloudflare
age: 723072
etag: "5d7f7d3e-2e0e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea2d96b6-FRA
content-length: 188646
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 logo_en.png
img.scihub.ltd/scihub/ 14 KB
14 KB 11ms
10ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/logo_en.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:56:38 GMT
server: cloudflare
age: 723072
etag: "5c00d116-38dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3096b6-FRA
content-length: 14556
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 raven_1.png
img.scihub.ltd/scihub/ 59 KB
59 KB 14ms
14ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/raven_1.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:56:32 GMT
server: cloudflare
age: 723072
etag: "5c00d110-eaf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3296b6-FRA
content-length: 60144
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 map.jpg
img.scihub.ltd/scihub/ 54 KB
54 KB 16ms
15ms Image
image/jpeg 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/map.jpg
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:56:52 GMT
server: cloudflare
age: 723072
etag: "5c00d124-d935"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3696b6-FRA
content-length: 55605
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 about-marker_en.png
img.scihub.ltd/scihub/ 3 KB
3 KB 16ms
16ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/about-marker_en.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:57:02 GMT
server: cloudflare
age: 723072
etag: "5c00d12e-d21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3796b6-FRA
content-length: 3361
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 quote.png
img.scihub.ltd/scihub/ 1 KB
1 KB 20ms
19ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/quote.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:57:12 GMT
server: cloudflare
age: 723072
etag: "5c00d138-42c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3896b6-FRA
content-length: 1068
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 quotenext_en.png
img.scihub.ltd/scihub/ 1 KB
1 KB 14ms
14ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/quotenext_en.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:57:18 GMT
server: cloudflare
age: 723072
etag: "5c00d13e-43f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3a96b6-FRA
content-length: 1087
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 pone.png
img.scihub.ltd/scihub/ 2 KB
2 KB 16ms
16ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/pone.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:57:24 GMT
server: cloudflare
age: 723072
etag: "5c00d144-665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3c96b6-FRA
content-length: 1637
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 ptwo.png
img.scihub.ltd/scihub/ 4 KB
4 KB 15ms
14ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/ptwo.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:57:30 GMT
server: cloudflare
age: 723072
etag: "5c00d14a-f43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3e96b6-FRA
content-length: 3907
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 pthree.png
img.scihub.ltd/scihub/ 4 KB
4 KB 16ms
16ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/pthree.png
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:57:36 GMT
server: cloudflare
age: 723072
etag: "5c00d150-10b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d5fea3f96b6-FRA
content-length: 4278
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 AvenirLTW01-55Roman.woff2
scihub.bban.top/misc/fonts/ 16 KB
17 KB 47ms
47ms Font
application/octet-stream 185.178.208.153
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://scihub.bban.top/misc/fonts/AvenirLTW01-55Roman.woff2

Requested by

Host: scihub.bban.top
URL: https://scihub.bban.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.153 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

c745b43f7ad54bdfa3b2e6ce8c9161e7fd807bdbbf12b8350bdcdc5e822a1a47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://scihub.bban.top/
Origin: https://scihub.bban.top

Response headers

content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests;
last-modified: Sat, 09 Mar 2019 23:03:34 GMT
server: ngjit
age: 17642180
etag: "5c844646-417c"
vary: X-Forwarded-Proto
content-type: application/octet-stream
status: 200
cache-control: max-age=315360000
date: Thu, 16 Jan 2020 01:44:50 GMT
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=scihub.bban.top

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=scihub.bban.top

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/ 220 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84103
x-xss-protection: 0
server: cafe
etag: 10778269677459870046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Jan 2020 16:25:41 GMT

GET
H2 200 people.jpg
img.scihub.ltd/scihub/ 50 KB
50 KB 14ms
14ms Image
image/jpeg 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/people.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:57:56 GMT
server: cloudflare
age: 723072
etag: "5c00d164-c80c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d601a8396b6-FRA
content-length: 51212
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 join_en.png
img.scihub.ltd/scihub/ 6 KB
6 KB 15ms
15ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/join_en.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:58:24 GMT
server: cloudflare
age: 723072
etag: "5c00d180-1835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d601a8696b6-FRA
content-length: 6197
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 joinvk.png
img.scihub.ltd/scihub/ 17 KB
18 KB 14ms
13ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/joinvk.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:58:30 GMT
server: cloudflare
age: 723072
etag: "5c00d186-45aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d601a8796b6-FRA
content-length: 17834
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 jointwitter.png
img.scihub.ltd/scihub/ 6 KB
6 KB 13ms
12ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/jointwitter.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:58:42 GMT
server: cloudflare
age: 723072
etag: "5c00d192-1677"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d601a8996b6-FRA
content-length: 5751
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 joinfacebook.png
img.scihub.ltd/scihub/ 4 KB
4 KB 16ms
15ms Image
image/png 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scihub.ltd/scihub/joinfacebook.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 05:58:36 GMT
server: cloudflare
age: 723072
etag: "5c00d18c-1038"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 55a35d601a8a96b6-FRA
content-length: 4152
expires: Sat, 15 Feb 2020 07:34:29 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/ Frame 2595 0
0 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200122/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://scihub.bban.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://scihub.bban.top/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 22 Jan 2020 19:50:39 GMT
expires: Wed, 05 Feb 2020 19:50:39 GMT
content-type: text/html; charset=UTF-8
etag: 4350393549794053402
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6578
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 160502
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6E9E 0
0 264ms
264ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5161725087824909&output=html&h=280&slotname=5674932478&adk=1370283616&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1579883141&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fscihub.bban.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1579883141130&bpp=15&bdt=896&fdt=55&idt=55&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&correlator=6820979919995&frm=20&pv=2&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=131752&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=900&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=1450430547448003&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iAE3gnP4z1&p=https%3A//scihub.bban.top&dtd=67

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5161725087824909&output=html&h=280&slotname=5674932478&adk=1370283616&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1579883141&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fscihub.bban.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1579883141130&bpp=15&bdt=896&fdt=55&idt=55&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&correlator=6820979919995&frm=20&pv=2&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=131752&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=900&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=1450430547448003&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&fsb=1&xpc=iAE3gnP4z1&p=https%3A//scihub.bban.top&dtd=67
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://scihub.bban.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://scihub.bban.top/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jan 2020 16:25:41 GMT
server: cafe
content-length: 23558
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 24-Jan-2020 16:40:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 24 Jan 2020 16:25:41 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
expires: Fri, 24 Jan 2020 16:25:41 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame DBCB 0
0 352ms
351ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5161725087824909&output=html&h=280&slotname=5674932478&adk=1918295296&adf=46123072&w=640&fwrn=4&fwrnh=100&lmt=1579883141&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=640x280&url=https%3A%2F%2Fscihub.bban.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1579883141145&bpp=5&bdt=912&fdt=84&idt=84&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6820979919995&frm=20&pv=1&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=656040&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=473&ady=3502&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=1450430547448003&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XFbprAYEpw&p=https%3A//scihub.bban.top&dtd=86

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5161725087824909&output=html&h=280&slotname=5674932478&adk=1918295296&adf=46123072&w=640&fwrn=4&fwrnh=100&lmt=1579883141&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=640x280&url=https%3A%2F%2Fscihub.bban.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1579883141145&bpp=5&bdt=912&fdt=84&idt=84&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=6820979919995&frm=20&pv=1&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=656040&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=473&ady=3502&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=1450430547448003&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=XFbprAYEpw&p=https%3A//scihub.bban.top&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://scihub.bban.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://scihub.bban.top/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Jan 2020 16:25:41 GMT
server: cafe
content-length: 22331
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 24-Jan-2020 16:40:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 24 Jan 2020 16:25:41 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2C44 0
0 22ms
22ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5161725087824909&output=html&adk=1812271804&adf=1573534164&lmt=1579883153&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fscihub.bban.top%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1579883153300&bpp=6&bdt=13067&fdt=7&idt=7&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x280%2C640x280&nras=1&correlator=6820979919995&frm=20&pv=1&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=656040&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&psts=AA2WTGNPhT9UhivPDyfPkDGqho_gnB__41_K8RR9XGoRKJJEURkwY3HqXac3S8cyq9o%2CAA2WTGMgLRqKthj0kvLdBsMRLxTIv65JBZf81yAH2bmZNXBP1L4tDiI94RlqdPFxtJcY&pvsid=1450430547448003&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5161725087824909&output=html&adk=1812271804&adf=1573534164&lmt=1579883153&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fscihub.bban.top%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1579883153300&bpp=6&bdt=13067&fdt=7&idt=7&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x280%2C640x280&nras=1&correlator=6820979919995&frm=20&pv=1&ga_vid=729341077.1579883141&ga_sid=1579883141&ga_hid=917752806&ga_fc=0&iag=0&icsg=656040&dssz=14&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&psts=AA2WTGNPhT9UhivPDyfPkDGqho_gnB__41_K8RR9XGoRKJJEURkwY3HqXac3S8cyq9o%2CAA2WTGMgLRqKthj0kvLdBsMRLxTIv65JBZf81yAH2bmZNXBP1L4tDiI94RlqdPFxtJcY&pvsid=1450430547448003&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://scihub.bban.top/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://scihub.bban.top/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 24 Jan 2020 16:25:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 24-Jan-2020 16:40:53 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 24 Jan 2020 16:25:53 GMT
cache-control: private

GET
H2 200 pluso-like.js Show response
img.scihub.ltd/scihub/ 41 KB
12 KB 15ms
14ms Script
application/javascript 2606:4700:3035::681f:5cc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scihub.ltd/scihub/pluso-like.js
Requested by: Host: scihub.bban.top
URL: https://scihub.bban.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5cc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:25:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Nov 2018 04:39:20 GMT
server: cloudflare
age: 723078
etag: W/"5c00bef8-a5cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2678400
cf-ray: 55a35dac5dc396b6-FRA
expires: Thu, 16 Jan 2020 19:34:35 GMT

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 117 B
587 B 239ms
59ms Script
application/javascript 31.131.252.91
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fscihub.bban.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=MDbFql5cTNbMgcw0&first=1

Requested by

Host: img.scihub.ltd
URL: https://img.scihub.ltd/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

3931a0734adffffa1b3bb257f20800da7fc47d5136c8949c0612e74f0bac2be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Mon, 27 Jan 2020 16:25:48 GMT

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 117 B
587 B 245ms
61ms Script
application/javascript 31.131.252.91
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fscihub.bban.top%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=g0N36W7hNxTaSlWW

Requested by

Host: img.scihub.ltd
URL: https://img.scihub.ltd/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

3931a0734adffffa1b3bb257f20800da7fc47d5136c8949c0612e74f0bac2be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Expires: Mon, 27 Jan 2020 16:25:48 GMT

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//scihub.bban.top/;hSci-Hub%20links;1
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//scihub.bban.top/;hSci-Hub%20links;1

43 B
421 B

60ms
60ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//scihub.bban.top/;hSci-Hub%20links;1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host210.rax.ru
Software: nginx/1.11.1 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Jan 2020 16:25:53 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 23 Jan 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Jan 2020 16:25:53 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//scihub.bban.top/;hSci-Hub%20links;1
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 23 Jan 2019 21:00:00 GMT

GET
H/1.1 200
OK 06.png
share.pluso.ru/img/pluso-like/square/medium/ 23 KB
23 KB 292ms
105ms Image
image/png 31.131.252.91
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/pluso-like/square/medium/06.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-5b8f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 23439
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 243ms
56ms Image
image/png 31.131.252.91
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/plus.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.91 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK kb.js Show response
kitbit.net/ 1 KB
2 KB 252ms
59ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/kb.js

Requested by

Host: img.scihub.ltd
URL: https://img.scihub.ltd/scihub/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

232b49721a13b16e870a9de2f21b7a1a25ebed3b10782201241396a48f6bf012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:03 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8Xl4rGl9H5sM247g/Ag==
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=21600, private
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Jan 2020 22:25:03 GMT

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ 3 KB
3 KB 187ms
60ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: a239d985b98f4b84b14ed272f5a3825bc906f0fbe3dd503d4c94811f8cfe5dbe

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:53 GMT
Last-Modified: Thu, 16 Jan 2020 11:56:56 GMT
Server: nginx
ETag: "5e204f88-b80"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2944

GET
H/1.1 200
OK s.js Show response
kitbit.net/ 1 B
303 B 62ms
61ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/s.js?u=https%3A%2F%2Fscihub.bban.top%2F

Requested by

Host: kitbit.net
URL: https://kitbit.net/kb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:03 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Jan 2020 16:25:02 GMT

GET
H/1.1 200
OK h.gif
kitbit.net/ 43 B
537 B 124ms
62ms Image
image/gif 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//scihub.bban.top/&h=Sci-Hub%20links%26kbuid%3D5EFC831F5F1A2B5E36C3E647023FB8E3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:03 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8Xl4rGl9H5sM247g/Ag==
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Fri, 24 Jan 2020 16:25:03 GMT

GET
H2

200

scn
p1.ntvk1.ru/
Redirect Chain

https://p1.ntvk1.ru/nps
https://optinder.com/cro
https://p1.ntvk1.ru/scn?sid=1579883153908

68 B
385 B

155ms
155ms

Image
image/png

185.59.220.11
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.ntvk1.ru/scn?sid=1579883153908

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.59.220.11 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

frankfurt-10.cdn77.com

Software

CDN77-Turbo /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:25:54 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: 0
strict-transport-security: max-age=604800
x-cache: MISS
content-type: image/png; charset=UTF-8
status: 200
x-edge-ip: 185.59.220.10
accept-ranges: bytes
content-length: 68
if-modified-since: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Jan 2020 16:25:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: //p1.ntvk1.ru/scn?sid=1579883153908
content-type: text/javascript
status: 302
cache-control: no-store, no-cache, private
cf-ray: 55a35dafbde1dfcb-FRA

GET
H/1.1 200
OK sud
ut9.rktch.com/ 84 B
84 B 204ms
59ms Image
image/png 176.99.5.124
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut9.rktch.com/sud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.124 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d40625.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:53 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ 14 KB
14 KB 62ms
61ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=868248882346384
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 62c60a02ea9905316fc62640e39c96319e78675497be2f1d7266b84d8adaf86e

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:53 GMT
Last-Modified: Thu, 16 Jan 2020 11:56:56 GMT
Server: nginx
ETag: "5e204f88-36e2"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14050

GET
H/1.1 200
OK extension_1086.js Show response
tag.digitaltarget.ru/extensions/ 628 B
872 B 61ms
61ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/extensions/extension_1086.js?i=557240298078406
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: be91f5ea2957734284b6a3c6b95ecac74daa710c1639fce7551c0361300864c0

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:53 GMT
Last-Modified: Thu, 16 Jan 2020 11:56:56 GMT
Server: nginx
ETag: "5e204f88-274"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 628

GET
H2

200

image
1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com/
Redirect Chain

https://dmg.digitaltarget.ru/1/6499/i/i?i=864063723969323.302049535562999
https://dmg.digitaltarget.ru/1/6499/i/i?i=864063723969323.302049535562999&q=scc
https://matcher.upravel.com/m?id=TPNyJXUx.Aur5555u7v1&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D
https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=1a496e69-c60f-4dab-9e07-fa87e664351e
https://sync.upravel.com/image?source=amberdata&id=cnuA36Ux.AuT5555uovs&rnd=943491001579557119007000000003870148
https://1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com/image?source=amberdata&id=cnuA36Ux.AuT5555uovs&rnd=943491001579557119007000000003870148&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6...

181 B
613 B

149ms
72ms

Image
image/png

148.251.236.115
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com/image?source=amberdata&id=cnuA36Ux.AuT5555uovs&rnd=943491001579557119007000000003870148&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zY2lodWIuYmJhbi50b3AvIl19fQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.236.115 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod-hzeu-bidder-5.community.moscow
Software: nginx /
Resource Hash: 637843f8fed13fb5fbf47d78509bd6b31df3d1fcc2a58cebbbfbdea9cefa250f

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 24 Jan 2020 16:22:10 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 181

Redirect headers

date: Fri, 24 Jan 2020 16:24:53 GMT
server: nginx
access-control-allow-origin: *
location: https://1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com/image?source=amberdata&id=cnuA36Ux.AuT5555uovs&rnd=943491001579557119007000000003870148&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9zY2lodWIuYmJhbi50b3AvIl19fQ
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/webp
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/6465/i/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D&bounce=1&random=1079654733
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=oYlz1/9.aF557WlfWp5M7.
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=oYlz1/9.aF557WlfWp5M7.&q=scc

0
365 B

72ms
72ms

Image
text/plain

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=oYlz1/9.aF557WlfWp5M7.&q=scc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/6465/i/i?a=735&e=oYlz1/9.aF557WlfWp5M7.&q=scc
Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/7023/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7023/i/i?i=864063723969323.359315323757962
https://dmg.digitaltarget.ru/1/7023/i/i?i=864063723969323.359315323757962&q=scc

0
365 B

119ms
119ms

Image
text/plain

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/7023/i/i?i=864063723969323.359315323757962&q=scc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/7023/i/i?i=864063723969323.359315323757962&q=scc
Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/6533/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/6534/i/i?i=864063723969323.583191721761789
https://dmg.digitaltarget.ru/1/6534/i/i?i=864063723969323.583191721761789&q=scc
https://fnc.rt.ru/1/6532/i/i?i=603594001579770453123000000001727615
https://fnc.rt.ru/1/6532/i/i?i=603594001579770453123000000001727615&q=scc
https://dmg.digitaltarget.ru/1/6533/i/i?i=113390001579609849292000000000845425&a=774&e=1a5GXZ1xO55B5555Frdq

0
365 B

81ms
81ms

Image
text/plain

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/6533/i/i?i=113390001579609849292000000000845425&a=774&e=1a5GXZ1xO55B5555Frdq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: https://dmg.digitaltarget.ru/1/6533/i/i?i=113390001579609849292000000000845425&a=774&e=1a5GXZ1xO55B5555Frdq
Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.889558217041515&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.x...
https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.889558217041515&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.x...
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=DQUj16m.LFlI5555bZ2T&i=872993001579767373651000000001799873
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=DQUj16m.LFlI5555bZ2T

0
344 B

35ms
19ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=DQUj16m.LFlI5555bZ2T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:54 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=DQUj16m.LFlI5555bZ2T
Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.392245539747963&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.x...
https://dmg.digitaltarget.ru/1/1086/i/i?i=864063723969323.392245539747963&a=86&e=5EFC831F5F1A2B5E36C3E647023FB8E3&c=ss:86.up:5EFC831F5F1A2B5E36C3E647023FB8E3.sync:up.xdua:du_GfAWbQKipN7Q0p6yKyn4a.x...
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=Ca96YZUx.A5m5555unSa&i=741948001579767373652000000001800076
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=Ca96YZUx.A5m5555unSa

0
344 B

52ms
18ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=Ca96YZUx.A5m5555unSa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://scihub.bban.top/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Fri, 24 Jan 2020 16:25:54 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=Ca96YZUx.A5m5555unSa
Date: Fri, 24 Jan 2020 16:25:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s5.cnzz.com
URL: https://s5.cnzz.com/z_stat.php?id=1276057484&web_id=1276057484

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sci-Hub (Consumer)

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 06:51:24	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a496e69-c60f-4dab-9e07-fa87e664351e.sync.upravel.com
adservice.google.com
adservice.google.de
counter.yadro.ru
dmg.digitaltarget.ru
fnc.rt.ru
googleads.g.doubleclick.net
img.scihub.ltd
kitbit.net
matcher.upravel.com
optinder.com
p1.ntvk1.ru
pagead2.googlesyndication.com
ps.eyeota.net
redirect.frontend.weborama.fr
s5.cnzz.com
scihub.bban.top
share.pluso.ru
sync.upravel.com
tag.digitaltarget.ru
ut9.rktch.com
www.googletagservices.com
s5.cnzz.com
148.251.236.115
148.251.237.106
176.99.5.124
185.15.175.134
185.15.175.137
185.15.175.147
185.178.208.153
185.59.220.11
2606:4700:3035::681f:5cc9
2606:4700:3037::681f:5b66
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:820::2002
3.125.70.222
31.131.252.91
31.131.252.94
35.190.16.14
88.212.201.210
88.99.190.97
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
125ef9e8cac071be547016f215e726b1f17be04068441bb35847bf565c89e4c3
14e6508482a47b942549d487294e164dbe8684e79a6a00410dfb966acffa9570
1f6720f9b1b728e80c6f618a5aac450c6f6df834dd8f0e8b4059ac78a90af7af
232b49721a13b16e870a9de2f21b7a1a25ebed3b10782201241396a48f6bf012
2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3860c6aa1cdef6ed8bf7315bbfbdc1237d14f68ea2e7a55bcccb9e77662d1b7f
3931a0734adffffa1b3bb257f20800da7fc47d5136c8949c0612e74f0bac2be0
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
44e857b78e5b61610566603bed79bceb9a60415b2795cfdf907346cb026d2450
454e4bc03b54bff4716e23ac8be68737dffd664ea64400effdc9ff4581e89586
460b964d7227b7963094c56a6449ed520818785ccb2eb6ecfe8be595fee74232
46dcb8cb7d4d80220baa300c65817e9a4a324c15ddb1e3955d222175eb6cf8c9
4b225ff2e35c8db5378d2ac271c993cbdf6c900aceec3a3eee1c31421e4dc44a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
62c60a02ea9905316fc62640e39c96319e78675497be2f1d7266b84d8adaf86e
637843f8fed13fb5fbf47d78509bd6b31df3d1fcc2a58cebbbfbdea9cefa250f
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7f3abdf0859cf36c2821963a7266a955fd4bd5fe491f997d9d8dae3f3957cf75
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f
8a50dba2bfbbfe01d25c025c5ee5acb8ce80af1707fb3b50ce82ff434be6b98f
8dd6c570e8d8c98ebe983228777f11a9f0e195c2d2f8298c034766ccd2d3087c
91285367b72f1914b68b816737b661d5bf0feacea5eb13d82f07afc307222a31
923d0eb3f7100786e92c377a51cea8326cffc654b8595b44cd909f10770418a3
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
a239d985b98f4b84b14ed272f5a3825bc906f0fbe3dd503d4c94811f8cfe5dbe
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
b8e3e37a00f298198fe34abc7c237a0b3c21659f668e142dcf5bc467bae0de23
be91f5ea2957734284b6a3c6b95ecac74daa710c1639fce7551c0361300864c0
c065fb78b0e08dfcca754d46f64414bff72a17836b5da8f717e48423fd4e5952
c745b43f7ad54bdfa3b2e6ce8c9161e7fd807bdbbf12b8350bdcdc5e822a1a47
c930cfd1a633df3f92e6104e291b65534f21a32f3e1fe1d4bfb3b5eb7df17c74
c976023edd17ce89501bb6a4cd50277b50fc4ef4045d61b52854da88d36cb202
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dabaf1eee4ae1c1db524c66d6950221386ef064a71d29b9f799d1905d64456b6
e319892f7f2a6e0a6790ff3274eaec39df67d671429aef64ae798ef6792b6fe3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff03fb35159e9cc4104b52e40b4153040df127e8cbeb3a7f351a4951b0008c28

scihub.bban.top Open in urlscan Pro 185.178.208.153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

92 %HTTPS

26 %IPv6

19 Domains

22 Subdomains

15 IPs

3 Countries

790 kBTransfer

1394 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

scihub.bban.top Open in urlscan Pro
185.178.208.153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

92 %
HTTPS

26 %
IPv6

19
Domains

22
Subdomains

15
IPs

3
Countries

790 kB
Transfer

1394 kB
Size

1
Cookies

52 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!