help.hl39.ru Open in urlscan Pro
147.45.106.128  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response help.hl39.ru/	5 KB 2 KB	439ms 82ms	Document text/html	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash daf9588a5f6e59d42294e19e57ead1e9f37463698dd7d9da9fa884f0b045801c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-encoding gzip content-length 1785 content-type text/html; charset=UTF-8 date Mon, 03 Jun 2024 13:48:20 GMT etag "121f-619f953120901-gzip" last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 vary Accept-Encoding
GET H2	200	style.css help.hl39.ru/	2 KB 928 B	74ms 71ms	Stylesheet text/css	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://help.hl39.ru/style.css?v=1.1 Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash 69d8a3abb109d6943a74f787ee01e876ca80c8dabbcad0f27da04fcd43227df8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 etag W/"665d92eb-6db" content-type text/css
GET H/1.1	200 OK	webwidget Show response pyrus.com/js/	3 KB 2 KB	252ms 154ms	Script application/x-javascript	85.234.145.70 SIMPLYTRANSIT
General Check archive.org Show headers Download Go to Full URL https://pyrus.com/js/webwidget?id=op8MwGI5ORUgR1fc5wvO2HOwijxsLShYAfV~dx-tMXV8HwUw8cVs8oO0auDOjtyCU5w3vS48I0zFIiOxCY73k7p0A0Pew45arfd6tTie43knwDfch0OIbSx~XjD4sfXzzUacTA%3D%3D Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.234.145.70 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB), Reverse DNS 85-234-145-70.static.as29550.net Software / Resource Hash 0b4e47ef7f29ea049fdeae84667b677a3acb96f2912cf9321f953578f55d179f Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:21 GMT strict-transport-security max-age=15552000 content-encoding br last-modified Mon, 03 Jun 2024 09:57:55 GMT pyrus-request-id 3e0f8399-fa18-4239-8a53-ecb109435c25 transfer-encoding chunked vary Accept-Encoding content-type application/x-javascript cache-control no-cache access-control-allow-credentials true expires Mon, 10 Jun 2024 09:57:55 GMT
GET H2	200	telegram.svg help.hl39.ru/img/	686 B 553 B	74ms 72ms	Image image/svg+xml	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://help.hl39.ru/img/telegram.svg Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash 7225910a43185c25fa1980669f1bd4ed6161b89ed3b103f43796c811b8290a71 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 etag W/"665d92eb-2ae" content-type image/svg+xml
GET H2	200	mail.svg help.hl39.ru/img/	722 B 526 B	75ms 73ms	Image image/svg+xml	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://help.hl39.ru/img/mail.svg Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash 2d5075f7f7944b8e2832aeb8c4a4d70eb32ce88cf14ac4e7e2e9869000b29e1c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 etag W/"665d92eb-2d2" content-type image/svg+xml
GET H2	200	hl.svg help.hl39.ru/img/	847 B 524 B	74ms 73ms	Image image/svg+xml	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://help.hl39.ru/img/hl.svg Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash aec4f80ff9085cec7038968b406e1203c5fcdbe0f4e8297da00d99b6fa046f81 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 etag W/"665d92eb-34f" content-type image/svg+xml
GET H2	200	jv.svg help.hl39.ru/img/	3 KB 1 KB	75ms 74ms	Image image/svg+xml	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://help.hl39.ru/img/jv.svg Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash 2d53557985ef20b91a6a52df6043261a52257a5d80b76cddb397bf49d82bbcb2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:20 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 etag W/"665d92eb-a26" content-type image/svg+xml
GET H2	200	vlg.png help.hl39.ru/img/	6 KB 6 KB	129ms 129ms	Image image/png	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://help.hl39.ru/img/vlg.png Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash d2acd97bb7358115a79eaf4a5ba5ccf326f9a10632e203d66d6cbecdf590542a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:20 GMT last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 accept-ranges bytes etag "665d92eb-1715" content-length 5909 content-type image/png
GET H2	200	hedge.webp help.hl39.ru/img/	695 KB 696 KB	146ms 145ms	Image image/webp	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://help.hl39.ru/img/hedge.webp Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash e1e176877e02d951b85292e236d9ecbed6c5ad718e2a697209df1456dcbe3bfe Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:20 GMT last-modified Mon, 03 Jun 2024 09:54:51 GMT server nginx/1.24.0 accept-ranges bytes etag "665d92eb-adb16" content-length 711446 content-type image/webp
GET H2	200	css2 fonts.googleapis.com/	26 KB 1 KB	131ms 47ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap Requested by Host: help.hl39.ru URL: https://help.hl39.ru/style.css?v=1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 60087214ef03b79e066f7f3925da917832ea4a3d8de76734e7e6e0479769aede Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Mon, 03 Jun 2024 13:48:21 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 03 Jun 2024 13:48:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 03 Jun 2024 13:48:21 GMT
GET H2	200	loader_2_lras9c.js Show response cdn-ru.bitrix24.ru/b28265242/crm/site_button/	209 KB 54 KB	414ms 240ms	Script application/javascript	89.208.228.119 VK-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-ru.bitrix24.ru/b28265242/crm/site_button/loader_2_lras9c.js?28623708 Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.208.228.119 Reutov, Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS 119.mcs.mail.ru Software nginx / Resource Hash 86c2c2471ec25726940ea39d825f7993601db4c5f9510507ceb52aeb2a3115cf Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:21 GMT content-encoding gzip last-modified Mon, 15 Apr 2024 10:13:37 GMT server nginx etag W/"22bc86ae06fb7ba35f49336ae6c63771" content-type application/javascript cache-control max-age=172800 x-bitrix-lb mail-lb-02 x-host hb-bl1 x-req-id AR8ZMFrFmk server-timing t1;dur=0.048, t2;dur=0.048, t3;dur=0.000, tc1;dur=79000, tc2;dur=6000, tc3;dur=20 expires Wed, 05 Jun 2024 13:48:21 GMT
GET H2	200	-F6qfjptAgt5VM-kVkqdyU8n3pQPwlRFgtIU.woff2 fonts.gstatic.com/s/ibmplexmono/v19/	9 KB 9 KB	202ms 40ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlRFgtIU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fe6e561b983f2de1d36f2fabdf81a916b7168fd1e3865cd3bd42532f85be3a2b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://help.hl39.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 01 Jun 2024 15:46:57 GMT x-content-type-options nosniff age 165684 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8740 x-xss-protection 0 last-modified Wed, 26 Apr 2023 23:44:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 01 Jun 2025 15:46:57 GMT
GET H2	200	-F63fjptAgt5VM-kVkqdyU8n1isq129k.woff2 fonts.gstatic.com/s/ibmplexmono/v19/	8 KB 8 KB	235ms 73ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1isq129k.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8bc4f83933a03c2059827a0228c3147ec4bee885c4ea0c363255dac2a782bac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://help.hl39.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 19:52:29 GMT x-content-type-options nosniff age 323752 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8328 x-xss-protection 0 last-modified Thu, 27 Apr 2023 00:17:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 30 May 2025 19:52:29 GMT
GET H2	200	-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2 fonts.gstatic.com/s/ibmplexmono/v19/	14 KB 15 KB	205ms 44ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://help.hl39.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 31 May 2024 17:41:12 GMT x-content-type-options nosniff age 245229 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14812 x-xss-protection 0 last-modified Thu, 27 Apr 2023 00:17:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 31 May 2025 17:41:12 GMT
GET H2	200	-F6qfjptAgt5VM-kVkqdyU8n3twJwlRFgtIU.woff2 fonts.gstatic.com/s/ibmplexmono/v19/	8 KB 8 KB	242ms 81ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlRFgtIU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff9257f12cc3f321f9f50fc51283d5cd68c545e8781d4123dcb88e5954136b80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://help.hl39.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 31 May 2024 18:56:21 GMT x-content-type-options nosniff age 240720 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8440 x-xss-protection 0 last-modified Wed, 26 Apr 2023 23:37:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 31 May 2025 18:56:21 GMT
GET H2	200	-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2 fonts.gstatic.com/s/ibmplexmono/v19/	15 KB 15 KB	263ms 102ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://help.hl39.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 01 Jun 2024 04:43:03 GMT x-content-type-options nosniff age 205518 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14956 x-xss-protection 0 last-modified Wed, 26 Apr 2023 23:36:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 01 Jun 2025 04:43:03 GMT
GET H2	200	-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2 fonts.gstatic.com/s/ibmplexmono/v19/	15 KB 15 KB	250ms 89ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3twJwlBFgg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 756026ff72eb76fd971ac4b7504cec55eef62109d2684c2cad8da32170b80b37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://help.hl39.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 31 May 2024 23:28:48 GMT x-content-type-options nosniff age 224373 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14988 x-xss-protection 0 last-modified Wed, 26 Apr 2023 23:44:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 31 May 2025 23:28:48 GMT
GET H/1.1	200 OK	op8MwGI5ORUgR1fc5wvO2HOwijxsLShYAfV%257edx-tMXV8HwUw8cVs8oO0auDOjtyCU5w3vS48I0zFIiOxCY73k7p0A0Pew45arfd6tTie43knwDfch0OIbSx%257eXjD4sfXzzUacTA%253d%253d pyrus.com/webwidget/ Frame AA5C	0 0	240ms 144ms	Document text/html	85.234.145.70 SIMPLYTRANSIT
General Check archive.org Show headers Download Go to Full URL https://pyrus.com/webwidget/op8MwGI5ORUgR1fc5wvO2HOwijxsLShYAfV%257edx-tMXV8HwUw8cVs8oO0auDOjtyCU5w3vS48I0zFIiOxCY73k7p0A0Pew45arfd6tTie43knwDfch0OIbSx%257eXjD4sfXzzUacTA%253d%253d?&userName= Requested by Host: pyrus.com URL: https://pyrus.com/js/webwidget?id=op8MwGI5ORUgR1fc5wvO2HOwijxsLShYAfV~dx-tMXV8HwUw8cVs8oO0auDOjtyCU5w3vS48I0zFIiOxCY73k7p0A0Pew45arfd6tTie43knwDfch0OIbSx~XjD4sfXzzUacTA%3D%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 85.234.145.70 , United Kingdom, ASN29550 (SIMPLYTRANSIT, GB), Reverse DNS 85-234-145-70.static.as29550.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://help.hl39.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache content-encoding br content-type text/html; charset=utf-8 date Mon, 03 Jun 2024 13:48:21 GMT pragma no-cache pyrus-request-id 6df40769-50d8-42e2-87e9-941ab70f9eb2 transfer-encoding chunked vary Accept-Encoding
GET H2	200	call.tracker.js Show response cdn-ru.bitrix24.ru/b28265242/crm/tag/	31 KB 10 KB	123ms 113ms	Script application/javascript	89.208.228.119 VK-AS
General Check archive.org Show headers Download Go to Full URL https://cdn-ru.bitrix24.ru/b28265242/crm/tag/call.tracker.js?28623708 Requested by Host: cdn-ru.bitrix24.ru URL: https://cdn-ru.bitrix24.ru/b28265242/crm/site_button/loader_2_lras9c.js?28623708 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.208.228.119 Reutov, Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS 119.mcs.mail.ru Software nginx / Resource Hash a8ade9afda1eb2e989988e3ff486f82f391c7f8f43f81aa5b192e332db0ef299 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:21 GMT content-encoding gzip last-modified Wed, 13 Mar 2024 12:19:50 GMT server nginx etag W/"b0dd84585991fb3cd15fdbec7cbe16be" content-type application/javascript cache-control max-age=2592000 x-bitrix-lb mail-lb-02 x-host hb-bl1 x-req-id 1wNj9p2sqh server-timing t1;dur=0.034, t2;dur=0.034, t3;dur=0.000, tc1;dur=80000, tc2;dur=1750, tc3;dur=15 expires Wed, 03 Jul 2024 13:48:21 GMT
GET H2	200	styles.min.css ascmedia.bitrix24.ru/bitrix/js/imopenlines/widget/	629 KB 198 KB	324ms 135ms	Stylesheet text/css	178.132.201.50 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://ascmedia.bitrix24.ru/bitrix/js/imopenlines/widget/styles.min.css?r=1713176017-23 Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.132.201.50 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 61f404964a16bb9eadd3f09a8b92cecb510b15fa983220d1cbc4f660f5ba25cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:21 GMT strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff last-modified Tue, 23 Apr 2024 14:14:30 GMT server nginx content-encoding gzip etag W/"6627c246-9d3de" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=2592000 x-bitrix-lb lb-ru-04 server-timing t1;dur=0.017, t2;dur=0.017, t3;dur=0.000, tc1;dur=66000, tc2;dur=5500, tc3;dur=20 x-bitrix-ri 82cc52e850598cd6e44946b0c7cab26b expires Wed, 03 Jul 2024 13:48:21 GMT
GET H2	200	script.min.js Show response ascmedia.bitrix24.ru/bitrix/js/imopenlines/widget/	1 MB 346 KB	342ms 153ms	Script application/x-javascript	178.132.201.50 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://ascmedia.bitrix24.ru/bitrix/js/imopenlines/widget/script.min.js?r=1713176017-23 Requested by Host: help.hl39.ru URL: https://help.hl39.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.132.201.50 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 8c3e62efd022830e96e7f04a80b1f7079840f484290163a0fc137035056b210f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:21 GMT strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff last-modified Tue, 23 Apr 2024 14:14:30 GMT server nginx content-encoding gzip etag W/"6627c246-120d8d" x-frame-options SAMEORIGIN content-type application/x-javascript cache-control max-age=2592000 x-bitrix-lb lb-ru-04 server-timing t1;dur=0.035, t2;dur=0.035, t3;dur=0.000, tc1;dur=66000, tc2;dur=5500, tc3;dur=20 x-bitrix-ri d2a0dc203e3b359923e1ae87aa2cf9dc expires Wed, 03 Jul 2024 13:48:21 GMT
GET H2	404	favicon.ico help.hl39.ru/	275 B 326 B	79ms 78ms	Other text/html	147.45.106.128 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://help.hl39.ru/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 147.45.106.128 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 2241989-cq54512.twc1.net Software nginx/1.24.0 / Resource Hash 0fcad775f1f096cd01b626e44b606df3a291d167bf7c6dbb2c890bd21299ae24 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://help.hl39.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 03 Jun 2024 13:48:22 GMT content-encoding gzip server nginx/1.24.0 content-type text/html; charset=iso-8859-1

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| b24Tracker object| b24order object| BX object| babelHelpers object| regeneratorRuntime function| setImmediate function| clearImmediate boolean| _main_polyfill_core object| protobuf object| BXLiveChat

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://help.hl39.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ascmedia.bitrix24.ru
cdn-ru.bitrix24.ru
fonts.googleapis.com
fonts.gstatic.com
help.hl39.ru
pyrus.com
147.45.106.128
178.132.201.50
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
85.234.145.70
89.208.228.119
0b4e47ef7f29ea049fdeae84667b677a3acb96f2912cf9321f953578f55d179f
0fcad775f1f096cd01b626e44b606df3a291d167bf7c6dbb2c890bd21299ae24
2d5075f7f7944b8e2832aeb8c4a4d70eb32ce88cf14ac4e7e2e9869000b29e1c
2d53557985ef20b91a6a52df6043261a52257a5d80b76cddb397bf49d82bbcb2
3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85
60087214ef03b79e066f7f3925da917832ea4a3d8de76734e7e6e0479769aede
61f404964a16bb9eadd3f09a8b92cecb510b15fa983220d1cbc4f660f5ba25cb
69d8a3abb109d6943a74f787ee01e876ca80c8dabbcad0f27da04fcd43227df8
7225910a43185c25fa1980669f1bd4ed6161b89ed3b103f43796c811b8290a71
756026ff72eb76fd971ac4b7504cec55eef62109d2684c2cad8da32170b80b37
86c2c2471ec25726940ea39d825f7993601db4c5f9510507ceb52aeb2a3115cf
8bc4f83933a03c2059827a0228c3147ec4bee885c4ea0c363255dac2a782bac4
8c3e62efd022830e96e7f04a80b1f7079840f484290163a0fc137035056b210f
a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c
a8ade9afda1eb2e989988e3ff486f82f391c7f8f43f81aa5b192e332db0ef299
aec4f80ff9085cec7038968b406e1203c5fcdbe0f4e8297da00d99b6fa046f81
d2acd97bb7358115a79eaf4a5ba5ccf326f9a10632e203d66d6cbecdf590542a
daf9588a5f6e59d42294e19e57ead1e9f37463698dd7d9da9fa884f0b045801c
e1e176877e02d951b85292e236d9ecbed6c5ad718e2a697209df1456dcbe3bfe
fe6e561b983f2de1d36f2fabdf81a916b7168fd1e3865cd3bd42532f85be3a2b
ff9257f12cc3f321f9f50fc51283d5cd68c545e8781d4123dcb88e5954136b80