![](/screenshots/fae8378e-a859-493b-ad30-08359ac8db32.png)
www.sci-hub.ee
2606:4700:3034::ac43:be2c
Malicious Activity!
Public Scan
Submission: On May 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2022. Valid for: a year.
This is the only time www.sci-hub.ee was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sci-Hub (Consumer)
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN15169 (GOOGLE, US) | | pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US) | | partner.googleadservices.com |
ASN15169 (GOOGLE, US) | | tpc.googlesyndication.com |
ASN15169 (GOOGLE, US) | | www.googletagservices.com |
ASN16625 (AKAMAI-AS, US) | a104-66-251-81.deploy.static.akamaitechnologies.com | px.owneriq.net |
ASN15169 (GOOGLE, US) | lga34s32-in-f2.1e100.net | cm.g.doubleclick.net |
ASN14618 (AMAZON-AES, US) | ec2-54-242-160-136.compute-1.amazonaws.com | pm.w55c.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | mweb.ck.inmobi.com |
ASN14618 (AMAZON-AES, US) | ec2-52-2-156-62.compute-1.amazonaws.com | sync.srv.stackadapt.com |
ASN14618 (AMAZON-AES, US) | ec2-34-196-165-14.compute-1.amazonaws.com | cc.adingo.jp |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
24 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 94; tpc.googlesyndication.com — Cisco Umbrella Rank: 137 | 334 KB |
21 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 34; cm.g.doubleclick.net — Cisco Umbrella Rank: 215 | 80 KB |
21 | sci-hub.shop | img.sci-hub.shop — Cisco Umbrella Rank: 426733 | 584 KB |
6 | google.com (1 redirects) | adservice.google.com — Cisco Umbrella Rank: 70; www.google.com — Cisco Umbrella Rank: 2 | 2 KB |
2 | yadro.ru (1 redirects) | counter.yadro.ru — Cisco Umbrella Rank: 10819 | 1 KB |
2 | w55c.net (2 redirects) | pm.w55c.net — Cisco Umbrella Rank: 771 | 2 KB |
2 | owneriq.net (2 redirects) | px.owneriq.net — Cisco Umbrella Rank: 1426 | 2 KB |
2 | gstatic.com | www.gstatic.com; fonts.gstatic.com | 43 KB |
2 | googletagservices.com | www.googletagservices.com — Cisco Umbrella Rank: 188 | 105 KB |
1 | adingo.jp (1 redirects) | cc.adingo.jp — Cisco Umbrella Rank: 5889 | 418 B |
1 | stackadapt.com (1 redirects) | sync.srv.stackadapt.com — Cisco Umbrella Rank: 662 | 1001 B |
1 | uuidksinc.net (1 redirects) | s.uuidksinc.net — Cisco Umbrella Rank: 10232 | 293 B |
1 | inmobi.com (1 redirects) | mweb.ck.inmobi.com — Cisco Umbrella Rank: 3232 | 462 B |
1 | mxptint.net (1 redirects) | aep.mxptint.net — Cisco Umbrella Rank: 5365 | 732 B |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 37 | 1 KB |
1 | googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 945 | 602 B |
1 | sci-hub.ee | www.sci-hub.ee | 7 KB |
0 | kitbit.net (Failed) | kitbit.net Failed | |
0 | pluso.ru (Failed) | share.pluso.ru Failed | |
85 | 19 | | |
Requests | Domain | Requested by |
---|---|---|
21 | img.sci-hub.shop | www.sci-hub.ee |
14 | tpc.googlesyndication.com | googleads.g.doubleclick.net; pagead2.googlesyndication.com; tpc.googlesyndication.com |
13 | googleads.g.doubleclick.net | pagead2.googlesyndication.com; googleads.g.doubleclick.net; www.sci-hub.ee |
10 | pagead2.googlesyndication.com | www.sci-hub.ee; pagead2.googlesyndication.com; googleads.g.doubleclick.net; tpc.googlesyndication.com |
8 | cm.g.doubleclick.net | www.sci-hub.ee; googleads.g.doubleclick.net |
3 | www.google.com | 1 redirects; googleads.g.doubleclick.net; tpc.googlesyndication.com |
3 | adservice.google.com | pagead2.googlesyndication.com |
2 | counter.yadro.ru | 1 redirects |
2 | pm.w55c.net | 2 redirects |
2 | px.owneriq.net | 2 redirects |
2 | www.googletagservices.com | googleads.g.doubleclick.net |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | cc.adingo.jp | 1 redirects |
1 | sync.srv.stackadapt.com | 1 redirects |
1 | s.uuidksinc.net | 1 redirects |
1 | mweb.ck.inmobi.com | 1 redirects |
1 | aep.mxptint.net | 1 redirects |
1 | www.gstatic.com | googleads.g.doubleclick.net |
1 | fonts.googleapis.com | googleads.g.doubleclick.net |
1 | partner.googleadservices.com | pagead2.googlesyndication.com |
1 | www.sci-hub.ee | |
0 | kitbit.net Failed | img.sci-hub.shop |
0 | share.pluso.ru Failed | img.sci-hub.shop |
85 | 23 | |
This site contains links to these domains. Also see Links.
Domain |
---|
sci-hub.ee |
pluso.ru |
vk.com |
twitter.com |
www.facebook.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sci-hub.ee | Cloudflare Inc ECC CA-3 | 2022-10-22 - 2023-10-22 | a year | crt.sh |
sci-hub.shop | Cloudflare Inc ECC CA-3 | 2023-04-23 - 2024-04-22 | a year | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months | crt.sh |
*.googleadservices.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months | crt.sh |
*.google.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months | crt.sh |
tpc.googlesyndication.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months | crt.sh |
www.google.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months | crt.sh |
This page contains 16 frames:
Primary Page:
https://www.sci-hub.ee/
Frame ID: AD9FA768FD2359E44E5A0E20E9D86AA5
Requests: 39 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20230504/r20190131/zrt_lookup.html
Frame ID: 2875C1C989B514F5B2D88BE0FDBB4827
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&slotname=6801865814&adk=3177394161&adf=2987723014&pi=t.ma~as.6801865814&w=528&fwrn=4&fwrnh=100&lmt=1683562629&rafmt=1&format=528x280&url=https%3A%2F%2Fwww.sci-hub.ee%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629406&bpp=17&bdt=453&idt=249&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&correlator=3003952398918&frm=20&pv=2&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=536&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=rquCWTUYLu&p=https%3A//www.sci-hub.ee&dtd=270
Frame ID: 314030B577EC0B3A41ACF905F1F45077
Requests: 10 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&adk=1812271804&adf=3025194257&lmt=1683562629&plat=1%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_r&format=0x0&url=https%3A%2F%2Fwww.sci-hub.ee%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629437&bpp=3&bdt=485&idt=256&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=528x280&nras=1&correlator=3003952398918&frm=20&pv=1&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=273
Frame ID: 4FA84E6CC5CEAC28AC8EF3F74017E0E8
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=840009040&adf=2385552667&pi=t.aa~a.2873812152~rp.4&daaos=1683507983882~1683507983882&w=1200&fwrn=4&fwrnh=100&lmt=1683562629&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fwww.sci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629860&bpp=1&bdt=907&idt=-M&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daf927a0ff06163c9-22a3194d93df0014%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_Mb7D8gOcTTLH-SJUJ7NbzEmXk7imw&gpic=UID%3D00000beaa1138986%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_MZ8XL011UxidQqThhyxhYvVqsOfew&prev_fmts=528x280%2C0x0&nras=2&correlator=3003952398918&frm=20&pv=1&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=5906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Eb9sXDkkUo&p=https%3A//www.sci-hub.ee&dtd=28
Frame ID: 1505589BC3DBF6625302064FEC29F1C8
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.3822907434~rp.4&daaos=1683507983882~1683507983882&w=1200&fwrn=4&fwrnh=100&lmt=1683562629&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fwww.sci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629860&bpp=1&bdt=907&idt=-M&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daf927a0ff06163c9-22a3194d93df0014%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_Mb7D8gOcTTLH-SJUJ7NbzEmXk7imw&gpic=UID%3D00000beaa1138986%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_MZ8XL011UxidQqThhyxhYvVqsOfew&prev_fmts=528x280%2C0x0%2C1200x280&nras=3&correlator=3003952398918&frm=20&pv=1&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Tp9R3GFSXm&p=https%3A//www.sci-hub.ee&dtd=34
Frame ID: CED3F0438206AA8E2A7814FE0D4945B6
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=1602281170&pi=t.aa~a.3357258965~rp.4&daaos=1683507983882~1683507983882&w=1200&fwrn=4&fwrnh=100&lmt=1683562629&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fwww.sci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629860&bpp=1&bdt=907&idt=-M&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daf927a0ff06163c9-22a3194d93df0014%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_Mb7D8gOcTTLH-SJUJ7NbzEmXk7imw&gpic=UID%3D00000beaa1138986%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_MZ8XL011UxidQqThhyxhYvVqsOfew&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280&nras=4&correlator=3003952398918&frm=20&pv=1&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=1hkVj1G43n&p=https%3A//www.sci-hub.ee&dtd=42
Frame ID: A8D6960B7C0F41F6E864E98507D52BF0
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=3809598800&adf=3132389021&pi=t.aa~a.3997822654~rp.4&daaos=1683507983882~1683507983882&w=1200&fwrn=4&fwrnh=100&lmt=1683562629&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fwww.sci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629860&bpp=1&bdt=907&idt=-M&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daf927a0ff06163c9-22a3194d93df0014%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_Mb7D8gOcTTLH-SJUJ7NbzEmXk7imw&gpic=UID%3D00000beaa1138986%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_MZ8XL011UxidQqThhyxhYvVqsOfew&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3003952398918&frm=20&pv=1&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=pTLe54uOSJ&p=https%3A//www.sci-hub.ee&dtd=47
Frame ID: A058834FD38B6F976E21D53B31435A2D
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=280&adk=1049116157&adf=1103786007&pi=t.aa~a.2054722437~rp.3&daaos=1683507983882~1683507983882&w=1200&fwrn=4&fwrnh=100&lmt=1683562629&rafmt=1&to=qs&pwprc=8593394858&format=1200x280&url=https%3A%2F%2Fwww.sci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629860&bpp=1&bdt=907&idt=2&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daf927a0ff06163c9-22a3194d93df0014%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_Mb7D8gOcTTLH-SJUJ7NbzEmXk7imw&gpic=UID%3D00000beaa1138986%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_MZ8XL011UxidQqThhyxhYvVqsOfew&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=3003952398918&frm=20&pv=1&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4794&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=TfHJXpKQjP&p=https%3A//www.sci-hub.ee&dtd=53
Frame ID: 55D9297CAEFBDE952B16ACC213056903
Requests: 15 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5451336487934366&output=html&h=90&adk=3247713071&adf=51275896&pi=t.aa~a.2054722437~rp.4&daaos=1683507983882~1683507983882&w=1200&fwrn=4&fwrnh=100&lmt=1683562630&rafmt=1&to=qs&pwprc=8593394858&format=1200x90&url=https%3A%2F%2Fwww.sci-hub.ee%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683562629866&bpp=1&bdt=913&idt=1&shv=r20230504&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daf927a0ff06163c9-22a3194d93df0014%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_Mb7D8gOcTTLH-SJUJ7NbzEmXk7imw&gpic=UID%3D00000beaa1138986%3AT%3D1683562629%3ART%3D1683562629%3AS%3DALNI_MZ8XL011UxidQqThhyxhYvVqsOfew&prev_fmts=528x280%2C0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=7&correlator=3003952398918&frm=20&pv=1&ga_vid=442004242.1683562630&ga_sid=1683562630&ga_hid=1926109848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4466&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44788441%2C44789923&oid=2&pvsid=3115933848084109&tmod=1962894535&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=7&fsb=1&xpc=y4M4FkWqyP&p=https%3A//www.sci-hub.ee&dtd=420
Frame ID: 4941C9DB8FE32979410B70D13799C474
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F0C3AE03329D90E89EDC982BD093C71F
Requests: 2 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B81FD9DF4935CBF9FA2EE22F0B10BB60
Requests: 9 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Frame ID: 16CC21BF5DFC80507E41F5A4FC57A18E
Requests: 1 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
Frame ID: C974347FA555DA80766EC9B28F71F35D
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB59A4467A363774336CB3CF238492D4
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 364C678D0E3FB0586D51D112FA6C7B8C
Requests: 2 HTTP requests in this frame
Page Title
sci-hub proxy search links
Detected technologies
Detected patterns
- googlesyndication\.com/
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery-ui.*\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 56
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
- https://px.owneriq.net/ecmg?google_gid=CAESEH_9zZ6Z5-hvp9nz20ylewA&google_cver=1&google_push=ATf1kGP_D8fHmPzYTycMxzKlvdt4nVBzjovsKZ6NXNByhOWdoUqq_ds9T3xDWRf3ItWZx8iVrT7RZ3Li_2XZvOYxFSxC4c0AlqsBh-4 HTTP 302
- https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dATf1kGP_D8fHmPzYTycMxzKlvdt4nVBzjovsKZ6NXNByhOWdoUqq_ds9T3xDWRf3ItWZx8iVrT7RZ3Li_2XZvOYxFSxC4c0AlqsBh-4%26google_cver%3d1%26google_gid%3dCAESEH_9zZ6Z5-hvp9nz20ylewA%26google_hm%3dUTczNjg0OTAzMDE0MzAwNDgzMDM%3d&uid=Q7368490301430048303&ref=%2Fecmg HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=ATf1kGP_D8fHmPzYTycMxzKlvdt4nVBzjovsKZ6NXNByhOWdoUqq_ds9T3xDWRf3ItWZx8iVrT7RZ3Li_2XZvOYxFSxC4c0AlqsBh-4&google_cver=1&google_gid=CAESEH_9zZ6Z5-hvp9nz20ylewA&google_hm=UTczNjg0OTAzMDE0MzAwNDgzMDM=
- https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECAHwSq3i8bS5nGVfkYc_xc&google_cver=1&google_push=ATf1kGMfzzav6TpdEjSvcStGTrgFa85StzEmGXOugH7X8pk3rua0DFSnu4-4hsd4TX_YjfI6_2UsqTHUD-0-oRNITHBLYAAL7SE6Rrc HTTP 302
- https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECAHwSq3i8bS5nGVfkYc_xc&google_cver=1&google_push=ATf1kGMfzzav6TpdEjSvcStGTrgFa85StzEmGXOugH7X8pk3rua0DFSnu4-4hsd4TX_YjfI6_2UsqTHUD-0-oRNITHBLYAAL7SE6Rrc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGRSRUxaZDcxUFczeFk1&google_gid=CAESECAHwSq3i8bS5nGVfkYc_xc&google_cver=1&google_push=ATf1kGMfzzav6TpdEjSvcStGTrgFa85StzEmGXOugH7X8pk3rua0DFSnu4-4hsd4TX_YjfI6_2UsqTHUD-0-oRNITHBLYAAL7SE6Rrc
- https://aep.mxptint.net/sn.ashx?google_gid=CAESEIdjhyy0FriY4TSKmRdfkvc&google_cver=1&google_push=ATf1kGPT10w6EzUvpVtCZS5qacXpqgxIm5qeo2Bot6D4q3Z91vBU_q-vqD0kC3mk-ivlfzo_RgZTsD8icV7T5E7d_Uoz5rYAlwm_RlE HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=ATf1kGPT10w6EzUvpVtCZS5qacXpqgxIm5qeo2Bot6D4q3Z91vBU_q-vqD0kC3mk-ivlfzo_RgZTsD8icV7T5E7d_Uoz5rYAlwm_RlE&google_hm=UjMzNjQ1XzEwMjVCOEE5QV80ODBCRTY3MA%3D%3D
- https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEGle7QdaLCpcYt7Jo8Npjl0&google_cver=1&google_push=ATf1kGOmFftEDZR5H7OhVzcX6WI6g11AdR_tQBmqriUojJO1fU59EXHqqqMJ9RujZqS1UVHJV7m_hll6X_YfDhscTwDrvGcosPFMg9E HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=M2Y5ZjkwZDMtYmVlMy00ZDgwLTllMjEtZjEwMGE5MmNiODIx&google_gid=CAESEGle7QdaLCpcYt7Jo8Npjl0&google_cver=1&google_push=ATf1kGOmFftEDZR5H7OhVzcX6WI6g11AdR_tQBmqriUojJO1fU59EXHqqqMJ9RujZqS1UVHJV7m_hll6X_YfDhscTwDrvGcosPFMg9E
- https://s.uuidksinc.net/match/47/?remote_uid=CAESEOoHW7uZmwOHweskyDbtc0M&c_param1=ATf1kGMTyTFzO0smDQB4qW9xUqXmHtj9GR1PeYkZvJ_10nNvebo-jIFwu6ByJtUROWsgxcJ9jsOMlotBJS-3Q7YPKxpCj5dBU2AzAXI&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMTyTFzO0smDQB4qW9xUqXmHtj9GR1PeYkZvJ_10nNvebo-jIFwu6ByJtUROWsgxcJ9jsOMlotBJS-3Q7YPKxpCj5dBU2AzAXI
- https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEG3VV-57Y87HshbLSEeI5Yc&google_cver=1&google_push=ATf1kGMT-RE2GSYZOgigLT-hCsRPf5xnfxF696GB6CWLuKSNMbIK1QNyVr3k5hinEmbEm842b4Y0K2Pf4F8rqdloQHti7uDDsGS6HMU HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=dISjD0srWlVGuKnQKPQfawW16oQ&google_push=ATf1kGMT-RE2GSYZOgigLT-hCsRPf5xnfxF696GB6CWLuKSNMbIK1QNyVr3k5hinEmbEm842b4Y0K2Pf4F8rqdloQHti7uDDsGS6HMU
- https://cc.adingo.jp/adx/push/?google_gid=CAESEPTKdeGPJ2CA5FvRTVoCIMM&google_cver=1&google_push=ATf1kGNGeMnpxsd6orfPjat_eyOfYiaTDMDyFRWApYiQwkUg1_iePWwxT5tZHsoB7ZPrzAo0Gqic9TZGbFHhLZ6IavK4Uo-5_WXKlw HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=ATf1kGNGeMnpxsd6orfPjat_eyOfYiaTDMDyFRWApYiQwkUg1_iePWwxT5tZHsoB7ZPrzAo0Gqic9TZGbFHhLZ6IavK4Uo-5_WXKlw&google_hm=0ac027dddfedd8a1c6f7d10b45c9ba26
- https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//www.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1 HTTP 302
- https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//www.sci-hub.ee/;hsci-hub%20proxy%20search%20links;1
85 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.sci-hub.ee/ |
27 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.1.1.min.js
img.sci-hub.shop/scihub/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
img.sci-hub.shop/scihub/ |
248 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openapi.js
img.sci-hub.shop/scihub/ |
94 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
medal.png
img.sci-hub.shop/scihub/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
key_1.png
img.sci-hub.shop/scihub/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
137 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
top-back.jpg
img.sci-hub.shop/scihub/ |
184 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_en.png
img.sci-hub.shop/scihub/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
raven_1.png
img.sci-hub.shop/scihub/ |
59 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
map.jpg
img.sci-hub.shop/scihub/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
about-marker_en.png
img.sci-hub.shop/scihub/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
quote.png
img.sci-hub.shop/scihub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
quotenext_en.png
img.sci-hub.shop/scihub/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pone.png
img.sci-hub.shop/scihub/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ptwo.png
img.sci-hub.shop/scihub/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pthree.png
img.sci-hub.shop/scihub/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
people.jpg
img.sci-hub.shop/scihub/ |
50 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
join_en.png
img.sci-hub.shop/scihub/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
joinvk.png
img.sci-hub.shop/scihub/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jointwitter.png
img.sci-hub.shop/scihub/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
joinfacebook.png
img.sci-hub.shop/scihub/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
AvenirLTW01-55Roman.woff2
img.sci-hub.shop/misc/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pluso-like.js
img.sci-hub.shop/scihub/ |
41 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/ |
355 KB 119 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230504/r20190131/ Frame 2875 |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
387 B 602 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 456 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 3140 |
102 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4FA8 |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 165 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 1505 |
430 B 230 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame CED3 |
430 B 231 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame A8D6 |
430 B 231 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame A058 |
430 B 231 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 55D9 |
109 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5764534059557005084
tpc.googlesyndication.com/daca_images/simgad/ Frame 3140 |
31 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 3140 |
22 KB 9 KB |
Script
text/javascript |
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 3140 |
3 KB 1 KB |
Script
text/javascript |
GET H2 |
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 3140 |
67 B 189 B |
Image
image/png |
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 3140 |
19 KB 8 KB |
Script
text/javascript |
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3140 |
169 KB 53 KB |
Script
text/javascript |
GET H2 |
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 3140 |
32 KB 13 KB |
Script
text/javascript |
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 3140 |
0 0 |
Fetch
text/html |
GET H3 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4941 |
430 B 227 B |
Document
text/html |
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame F0C3 |
143 B 166 B |
Document
text/html |
GET DATA |
truncated
/ Frame 3140 |
213 B 0 |
Image
image/png |
GET H2 |
css
fonts.googleapis.com/ Frame 55D9 |
9 KB 1 KB |
Stylesheet
text/css |
GET H2 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 55D9 |
2 KB 845 B |
Script
text/javascript |
GET H2 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/ Frame 55D9 |
22 KB 9 KB |
Script
text/javascript |
GET H2 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 55D9 |
3 KB 1 KB |
Script
text/javascript |
GET H2 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230504/r20110914/client/ Frame 55D9 |
19 KB 8 KB |
Script
text/javascript |
GET H2 |
l
www.google.com/ads/measurement/ Frame 55D9 |
0 0 |
Image
text/html |
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 55D9 |
169 KB 52 KB |
Script
text/javascript |
GET H2 |
fe5bb951bcb64b0813d5b031a6a87c6d.js
www.gstatic.com/mysidia/ Frame 55D9 |
32 KB 14 KB |
Script
text/javascript |
GET H3 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame F0C3 Redirect Chain
|
0 17 B |
Document
text/html |
GET H2 |
14763004658117789537
tpc.googlesyndication.com/simgad/4161239287981947597/ Frame 55D9 |
21 KB 21 KB |
Image
image/jpeg |
GET DATA |
truncated
/ Frame 55D9 |
206 B 0 |
Image
image/svg+xml |
GET DATA |
truncated
/ Frame 55D9 |
209 B 0 |
Image
image/svg+xml |
GET H3 |
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B81F |
1 KB 643 B |
Document
text/html |
GET DATA |
truncated
/ Frame 55D9 |
213 B 0 |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B81F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B81F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H2 |
pixel
cm.g.doubleclick.net/ Frame B81F Redirect Chain
|
170 B 329 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B81F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H3 |
pixel
cm.g.doubleclick.net/ Frame B81F Redirect Chain
|
170 B 188 B |
Image
image/png |
GET H2 |
pixel
cm.g.doubleclick.net/ Frame B81F Redirect Chain
|
170 B 232 B |
Image
image/png |
GET H2 |
pixel
cm.g.doubleclick.net/ Frame B81F Redirect Chain
|
170 B 232 B |
Image
image/png |
GET H2 |
attr
cm.g.doubleclick.net/pixel/ Frame B81F |
0 130 B |
Image
text/html |
GET H2 |
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 55D9 |
29 KB 30 KB |
Font
font/woff2 |
GET H3 |
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame 16CC |
37 KB 14 KB |
Script
text/javascript |
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame 55D9 |
0 19 B |
Image
text/html |
GET H3 |
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame C974 |
37 KB 14 KB |
Script
text/javascript |
GET |
process
share.pluso.ru/ |
0 0 |
GET |
process
share.pluso.ru/ |
0 0 |
GET H/1.1 |
hit;PLUSO
counter.yadro.ru/ Redirect Chain
|
43 B 528 B |
Image
image/gif |
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
14 KB 11 KB |
XHR
application/json |
GET |
06.png
share.pluso.ru/img/pluso-like/square/medium/ |
0 0 |
GET |
plus.png
share.pluso.ru/img/ |
0 0 |
GET |
kb.js
kitbit.net/ |
0 0 |
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB59 |
13 KB 5 KB |
Document
text/html |
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 364C |
783 B 971 B |
Document
text/html |
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 364C |
0 0 |
Image
text/html |
GET H3 |
WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
pagead2.googlesyndication.com/bg/ Frame DB59 |
37 KB 14 KB |
Script
text/javascript |
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame DB59 |
0 10 B |
Image
text/plain |
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- img.sci-hub.shop
- URL
- https://img.sci-hub.shop/misc/fonts/AvenirLTW01-55Roman.woff2
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=42kws7yyEhSEGPbs&first=1
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fsci-hub.ee%2F&w=1600&h=1200&ref=&uid=5473046666911051876&k=Qe8RytTWhh3e7pkm
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/img/pluso-like/square/medium/06.png
- Domain
- share.pluso.ru
- URL
- https://share.pluso.ru/img/plus.png
- Domain
- kitbit.net
- URL
- https://kitbit.net/kb.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sci-Hub (Consumer)
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless function| $ function| jQuery function| obj2qs object| fastXDM object| VK function| slideQuote function| colorMenu function| go object| adsbygoogle number| ifpluso object| pluso object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| googletag object| k string| pt object| s object| GoogleGcLKhOms
18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sci-hub.ee/ | | Name: __gads Value: ID=af927a0ff06163c9-22a3194d93df0014:T=1683562629:RT=1683562629:S=ALNI_Mb7D8gOcTTLH-SJUJ7NbzEmXk7imw |
.sci-hub.ee/ | | Name: __gpi Value: UID=00000beaa1138986:T=1683562629:RT=1683562629:S=ALNI_MZ8XL011UxidQqThhyxhYvVqsOfew |
.doubleclick.net/ | | Name: IDE Value: AHWqTUnYJVI1nlQnAufJwPbxGI48R117UV2xIcVfNaZYYtL-IXHakvoL6O9lR4OgF8g |
.doubleclick.net/ | | Name: DSID Value: NO_DATA |
.mxptint.net/ | | Name: mxpim Value: R33645_1025B8A9A_480BE670.1.64592086 |
.adingo.jp/ | | Name: ID Value: 0ac027dddfedd8a1c6f7d10b45c9ba26 |
.w55c.net/ | | Name: wfivefivec Value: 8dRELZd71PW3xY5 |
.owneriq.net/ | | Name: si Value: Q7368490301430048303P |
.owneriq.net/ | | Name: p2 Value: gguuid |
.owneriq.net/ | | Name: gguuid Value: 1 |
sync.srv.stackadapt.com/ | | Name: sa-user-id Value: s%3A0-7484a30f-4b2b-5a55-46b8-a9d028f41f6b.nSsfzN5%2BYUA7uqxESVyd2uCe6jAiqoqVHC8b1ZLjwvk |
sync.srv.stackadapt.com/ | | Name: sa-user-id-v2 Value: s%3AdISjD0srWlVGuKnQKPQfawW16oQ.nw%2BPpMmWOrzcOpYceuGHAMh7%2BHaz0j38kAjz3A30kiE |
.srv.stackadapt.com/ | | Name: sa-user-id-v2 Value: s%3AdISjD0srWlVGuKnQKPQfawW16oQ.nw%2BPpMmWOrzcOpYceuGHAMh7%2BHaz0j38kAjz3A30kiE |
.inmobi.com/ | | Name: idsp_c Value: 3f9f90d3-bee3-4d80-9e21-f100a92cb821 |
.w55c.net/ | | Name: matchgoogle Value: 5 |
.uuidksinc.net/ | | Name: jcsuuid Value: K1vEzYFamBa2NZnNSRyi |
.yadro.ru/ | | Name: FTID Value: 1aMI270KzvuY1aMI27003Blf |
.yadro.ru/ | | Name: VID Value: 3TyRqb1OC78Y1aMI27003BnS |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.