habr.com Open in urlscan Pro
178.248.237.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://habr.com/ru/post/486856/
Submission: On April 21 via api (April 21st 2022, 8:33:21 pm UTC) from US — Scanned from DE

Summary HTTP 206 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 23 domains to perform 206 HTTP transactions. The main IP is 178.248.237.68, located in Russian Federation and belongs to QRATOR, RU. The main domain is habr.com. The Cisco Umbrella rank of the primary domain is 145791.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on November 12th 2021. Valid for: a year.

This is the only time habr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	178.248.237.68 178.248.237.68	197068 (QRATOR) (QRATOR)
10	2001:678:5e0:... 2001:678:5e0:1::28	204671 (HABR-AS H...) (HABR-AS Habr distributed network)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
5 5	82.192.95.170 82.192.95.170	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2606:4700:20:... 2606:4700:20::681a:da1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 8	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4 8	178.248.233.33 178.248.233.33	197068 (QRATOR) (QRATOR)
5	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
5	2a02:6b8::1be 2a02:6b8::1be	208722 (YNDX) (YNDX)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	3.224.1.22 3.224.1.22	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
9 12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
6 12	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
6 9	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.156.209.127 35.156.209.127	16509 (AMAZON-02) (AMAZON-02)
1	87.240.190.72 87.240.190.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
206	33

16 178.248.237.68 (Russian Federation) 1 redirects

ASN197068 (QRATOR, RU)

habr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:678:5e0:1::28 (Tallinn, Estonia)

ASN204671 (HABR-AS Habr distributed network, EE)

assets.habr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 82.192.95.170 (Netherlands) 5 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: beta.hstor.org

habrastorage.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:da1 (United States)

ASN13335 (CLOUDFLARENET, US)

hsto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:20::215 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.248.233.33 (Russian Federation) 4 redirects

ASN197068 (QRATOR, RU)
PTR: habr.com

effect.habr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn-plus.roxot-panel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.1.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-1-22.compute-1.amazonaws.com

pa.rxthdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.35.236.247 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.45 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.209.127 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-209-127.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.190.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	292 KB
34	habr.com 5 redirects habr.com — Cisco Umbrella Rank: 145791 assets.habr.com — Cisco Umbrella Rank: 296052 effect.habr.com — Cisco Umbrella Rank: 257021	524 KB
31	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	598 KB
26	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	232 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	11 KB
10	google.com www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	3 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	9 KB
9	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1421 mc.yandex.ru — Cisco Umbrella Rank: 2877 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 23628	265 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9032	2 KB
8	yastatic.net 2 redirects yastatic.net — Cisco Umbrella Rank: 5510	157 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	221 KB
5	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 9096	398 B
5	hsto.org hsto.org — Cisco Umbrella Rank: 215069	416 KB
5	habrastorage.org 5 redirects habrastorage.org — Cisco Umbrella Rank: 206823	880 B
4	google.de www.google.de — Cisco Umbrella Rank: 5383 adservice.google.de — Cisco Umbrella Rank: 7579	2 KB
4	skcrtxr.com cdn.skcrtxr.com	92 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 45512	757 B
2	rxthdr.com pa.rxthdr.com — Cisco Umbrella Rank: 32334	391 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	gstatic.com fonts.gstatic.com	33 KB
1	vk.com vk.com — Cisco Umbrella Rank: 4331	488 B
1	roxot-panel.com cdn-plus.roxot-panel.com — Cisco Umbrella Rank: 70596	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
206	23

	Domain	Requested by
28	pagead2.googlesyndication.com	securepubads.g.doubleclick.net habr.com 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
26	s0.2mdn.net	habr.com s0.2mdn.net
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com habr.com 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
16	habr.com	1 redirects habr.com assets.habr.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
10	assets.habr.com	habr.com assets.habr.com
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	effect.habr.com	4 redirects assets.habr.com
8	mc.yandex.com	2 redirects habr.com assets.habr.com
8	yastatic.net	2 redirects yandex.ru yastatic.net
8	securepubads.g.doubleclick.net	www.googletagservices.com assets.habr.com securepubads.g.doubleclick.net
7	www.google.com	habr.com tpc.googlesyndication.com 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
7	www.googletagservices.com	habr.com 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	habr.com
6	yandex.ru	habr.com yandex.ru
5	ads.adfox.ru	habr.com
5	hsto.org	habr.com
5	habrastorage.org	5 redirects
4	googleads.g.doubleclick.net	1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com habr.com
4	cdn.skcrtxr.com	cdn-plus.roxot-panel.com assets.habr.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
2	d.adtriba.com	1 redirects 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
2	pa.rxthdr.com	assets.habr.com
2	247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com assets.habr.com
2	fonts.gstatic.com	habr.com
2	mc.yandex.ru	1 redirects habr.com
1	vk.com
1	matchid.adfox.yandex.ru	yastatic.net
1	www.google.de	habr.com
1	stats.g.doubleclick.net	assets.habr.com
1	cdn-plus.roxot-panel.com	yastatic.net
1	www.googletagmanager.com	habr.com
206	37

This site contains links to these domains. Also see Links.

Domain
effect.habr.com
github.com
www.cnblogs.com
www.busybox.net
ghidra-sre.org
www.qemu.org
hashcat.net
www.xiongmaitech.com
web.archive.org
archive.fo
twitter.com
telegram.me
tmtm.ru
qna.habr.com
career.habr.com
account.habr.com
docs.google.com
habrastorage.org
tmtm.timepad.ru
www.facebook.com
vk.com
www.youtube.com
zen.yandex.ru
company.habr.com

Subject Issuer	Validity	Valid
*.habr.com Sectigo ECC Domain Validation Secure Server CA	`2021-11-12` - `2022-12-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
yandex.ru Yandex CA	`2022-02-17` - `2022-08-16`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.dmtgvn.com R3	`2022-03-25` - `2022-06-23`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.skcrtxr.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
pa.rxthdr.com Amazon	`2021-11-20` - `2022-12-18`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-04` - `2023-04-03`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://habr.com/ru/post/486856/
Frame ID: C0464DDAA6781287D66BA9E24CBB3BDB
Requests: 73 HTTP requests in this frame

Frame: https://yandex.ru/ads/adfox/406261/getBulk/v2?dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&date=2022-04-21T20%3A33%3A15.805%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=307350945&pr=3983808701&prr=&pv=20&pw=4&extid_loader=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&extid_tag_loader=habr.com&ylv=0.571603&ybv=0.571603&ytt=116000087474181&is-turbo=0&skip-token=&ad-session-id=2856001650573195811&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A780%2C%22h%22%3A200%2C%22width%22%3A780%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A252%2C%22top%22%3A6111%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=571603&available-width=780&available-height=200&yaru=true&pp=h&ps=fnps&p2=hnyb&puid1=post&puid2=f_develop%3Af_admin%3Af_popsci&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid4=no&puid5=%2Fru%2Fpost%2F486856%2F&puid6=ru&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&duid=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&pcode-test-ids=571218%2C0%2C53%3B568462%2C0%2C68%3B551984%2C0%2C57%3B568041%2C0%2C44%3B572743%2C0%2C4%3B552090%2C0%2C1%3B564391%2C0%2C62%3B570938%2C0%2C86%3B571036%2C0%2C49%3B571034%2C0%2C95%3B564895%2C0%2C91%3B555795%2C0%2C35%3B406668%2C0%2C96%3B571603%2C0%2C66%3B564283%2C0%2C87%3B565224%2C0%2C93%3B563297%2C0%2C49&pcode-flags-map=eJylV8uO2zYU%2FZXC60FAUtQrO0qibCIUqZCUPU4QEGk7XQVF0U6CAkH%2BvZeSLFuyR56gs5gXfA7v%2B9z7fcMVKyT3pa54af1hJxyXwrrN24%2FfN98%2Bf%2Fn6tHm7cabjm4fN89M%2Fz%2BJ3%2BJuSHMX55senh00lbI%2BveM066bzb8YZ73rTu6KvOMCe0usuVRj1XwyvBfC2ArhAOsNy3RmgjgKtmpdNmxoTeoPCFr9hoz7bXsgNTis45rTxTork2ZnD%2BiiDtCTolam0A9RrIEI1yx9QWgilF%2BQ5CYXS33Xmpt6KccYAvYMnJtJOPM86IpIT0nGOC9m0%2BJmk9nBSnOb4EnqMK6RVu5xvLw5%2BOG9%2BpCr6zovJayeMd4piSMbLMglNq6%2Flj62vJ4JflU94d26vseQgnFIoVhlenDK%2B%2FmUYJjl54885jM2K8ZCXJxDravtOKH1vtIBLeNkxK33JTcrXeCTGiJBrCbfj7jlvn9w0DC41u%2FJFBeB%2B96dYpSBqRwUm70wcvWcHl2YqhSNYZIoRRPjlkO7PnRygWtecGOlJ7xQ%2BeVaXh0AF7Pn5gRrkXFddzTpxkeOK8Qnvgtst2%2BpbkOP8DnFkjCkYJC2UnVK29FOrdunNQdVG8zNZohJYVMPrJNqGgqhWTvtFVJ9eLK45jFKUTcYhRGQIO8Rr70%2FHHO9kHioxeNlunbNe22jiocKlZ6C5bGtE6b03pD8woobZ3ONOYns06zdd%2BpPS%2FMXDW9q20g3r%2FoJXr%2FR0sZkIuSh%2FG3nbxQIay7FUP9Kkq%2Fxf91F2vMPU6FDOq17Z%2FiIycT0kchGJGnUQpPVNbN8zYGzUdp5iiZIZNoSIHLKtq%2FegbSO1eWFEIGQwA5%2Fpgzmie%2Fv1rrhlpFKGTzIyVEixnTXuJe%2F7769MMlkX5CIMpbm3ooiXm%2Bq0JdNPeAkw%2BKD7LxUdo2oSkDyQGpY%2FhR5Zl%2BCGKKc6yBxLlcRR%2BxChNHkhCKY0eCCIQ5dNHIpQnCcBTlCMM8JTS7NNsBucY4dEmbzlXXhcwFPZzMzZPf37%2B9cvTXBkTkg%2F9UQvwBfzfcbHdOa%2FcehhoHI3K%2BIEr4kGEQIq2yhPs30dQArz10SpBTEg%2BDOoWWqR03rgC4g8jjK%2FiUpLHg8Wl7lQ%2FkR93ZhWSpdkotpOI%2BEo3TKg1GOSDRKOyhYEeiqPUTaF93UkJgwjivIrHoERoim1h9DtIDMTVb42o1pFpnCU3DQ4TxhlRrMKhdpLB34OottwFy9uw7qyiIopxes5ocBJWnAp2nGEsrWEpphk6Y09jsNAmtKJhlejsL69kOLLg7eCmZ%2FLAjnYdGZ12tKpuoRBtqxW0sxMN191ccshycFGKoiFSfXyCzNvllnL1Xgw0FwPA8DBxTu%2BFmboOp2lKruGiDtp7COPzXl29wHAyYM9kN8tWhG6jp2Ml1LRQLSQZ5KpZfzvBY9fe3T2W0BghOqwekoN0g3QZEAlmBFsEnCxhY3oXXWg4bAAVrAavbMewoYy5ZsaG%2Fdqxc7lwY0Aw4Lq45IgX%2BkmHvFsLsgktbcUHvl6bCcKjWEyKCgKxF%2FwQ1pp1aJqM0PAMVIWyYYmYlGYVnKIkHsENg7W10ZaJMsTO7lgFezFMk3UCgkddmF0jA5tdn15nbBjple6mjehuc7zwbD%2BAgkC%2FEnyxuB%2BYcLAl9utALQycFEzZAxTtzXs6nqcgowkZz5EWluLhGjmdJqx2fe0bLeWdzQvn2fnYm61sUMvhe8skd3ChK9bMB63sxbjYLuxCFC8dDStM2OALA5IhRe38qMjhLd2VuxlvzaTli%2BilNLrVZ6cjYSgco%2FW8bn97%2FjJ3lqCxbsMwFVUfo362cMkbGK42UDvhen2oji%2BV9FUUE3raOKZNOiyH8Ah89OpIve6IfFwzL7bnn8FjNC4DcA3BWQTTmrX9mQQLyM%2BQ0Ck2I8I3nXSiYEoN982ynJYBTmiWD3N0a1hB7sy89PKz%2FcSaDThM0Nrnb4gojl9A3FqH17ZvlCRJdtbe5bIKwUpQtAhf%2BM%2BPTz%2F%2BA5wUmk8%3D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Hw5iaVmhs2oADusGVhZQzNbS%2B3Ly9xlZG4%2FG1fR0t1smPpIhCAA5gu0WxN0zeAu1sEvNamcWxs6273kzKDyO5RjAC7I%3D&top-ancestor=https%3A%2F%2Fhabr.com&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0NTl9CjOkpJDbOIqBGFDXD7qjn9FD02hE-8o_ZbQQ0duVZhpRXMP7u4qIMrNmwqISUZHxuLBtEyf5mz9-b3g_t-_cviHq1pQ2Rf0G-jyAaxBjVUEzchvRnyZpum4iisaKMagYgxirigEs3XG6W5Ln5KSblaCTuY3d0XXHrmbzi1MMdif3m4fh5mwi7sXugmJyOc2sXZDNDkFp2eZzW5H4LVW3wwUmjCTtEB5Yb7bbYWF3r3HPbeqizgIQFpgsAEYFj5IUuGSLkgTbrOgl66lzsokxUHglGdksXnO6l22johmXCb16PHtgutVoxVlR8ASC6hnnwD3vXk0jMxnF5jN2RUmCU4zCb0bJ9gHH0n1gXFzqdjbOOno1z7nP7saZ6WZNtZke7xJZgNuCs0BABYcFZqck7gcEKguADhOUwwYBFTxUcFmgsEBlAaYPPMAcGGBZUFHBRQVn5IDFAhMVSH2lHGAwUYHGAjFAX65AuxyoLJBRwR7YAHWIQF3uWCBdGlBYoKICYWAA6JkH-cJAZ4HaKfF5BtcR4vNqc4X4RjGcKgTUnxxfFFnB5z7z3T4ESCjcmjyzWFsiiphN24CEAvqW7ABoXcDUWc-Cl8a73K41-S6Nyjfb5uxA5e1a9L7VNPl6cYz-FBrZWgGwC9ZpeEY7VsbrnGLwFCqrdBN3uNOmf66Yat0cJ3PepWG8_2qeq85vr7CZf_fEq2-oeWcoicViChEznTAq-7dyk5xap1fsWdpddFPa7QVerFBCKRMj0sltBCZhhKxVXNqNeujGsiKK-fCzyxbiuwV9gHfPaSlBQmFwJU5jZ93AxOSYzbKqSRHvXU1aciJUTMzt4hQaGclqNm3ZTuZnyfJ12aKVzMCpa2bLzZxnWxFrmXmI6QoeFhptbvzqZW6VNN3gZVPiGzaFsLMAv-S6Lxk-8QcHFYhLjsGIJJMFAgukji9qGmcBmJxm9BWnUKjAIH9fodYyci5RiqgItZtM6J9qS7jV1jEx0-n3W0hCBiiY6CaXV4zKXVqCdaIDtbOAn7gNwkbzSGXkRU5kPxW06PvYjVSBAPMoDdIjLYiP3K_YuQd1igfGuT3Md41krgH60kCbUAkiUiUA5CMmiBPhAHsmoE5MRKJAMN8iKA9k4EwzoCNVKEBsvEIF8haLBXw4-fPJdG-aL5Do6cCXz85wehUyBbKiYuOdFuQFCvPxDuNxlYIqaaYGPd6NgvEWKAHbEtP6hdX4VcIprsGjoAlVFs4ZhFiPJxJafTXTKJ5TJdZ6th_AREb6ycODKL1EbkmW-aBw8bVpzQcxKPAYyGFHCRKm3Uwzc5DcYcwdNWnJLq8sVRYDJGSFYGKu95bIAhHSJdCFmLllsQW50xQcoxXKQuPBGKMpI6T1jCecAJ91E49XqiCQ0Oj9A4AjMKNwqxBR_4qG-qCyYRXk72gSMhKyzgKjkxITIEKwi_5yVRHyH_FIA8fA6XRWe19mpvsISEMx8zzdT5IlERKn2BihSkK6Ofm4C-IBBvP1f0CB-iD2MHvAwD08ECbwAFFWQxRZu-8SFKe6kjOi-CB57iGjE8Cvy2cBP44X9E3n6f5NBihoExZ0yUYAVKBOr-NJP4Q-TB4ZDhuQv4o7AsC4Z_0UmK7uGKNzAi86UkD-7sB622up76SHigqw4xJAUWooIzn0nptGyFXCCANwSuB2IeA33zeF3wbvYIEE9I2CiehD540sZna27dieuDPG1g3D3GZM_A2WnJVNo_Nu0_q1_v68fO_eXb0ue85ZWS4NU0_GwkevtptNccd-64KFfNa8aq3F5datlOadb2fVNyDu-DwSIZKNmkdIEiElbjOdcqOnY9i7Lm4dpY-ptMyWbc0N5rlGi2o3_1-LJWo9GTdqvFhd619fc7hzeOWWjveH-HXTE-wYgZm5Srgp3I_0yDO5WZ3zjF4dNuL-rBvrJzLX0o1od1TBS2iI-9yWKZmcV05uZ-A3oaXRIjpHSA90GPXkTxoMPaXSbMR7jvXvJGSkxOIOa4Am7LCSgf5WoOf36hb3FDx_3JyM6disvGqnd_Z6NYedShquX1a46r3OovJL2JfmpDyXD82ZlZuNGnNY0aqnD_2YKPtODV6Nr7hH6pzq3yVdwOSN22x2f38HTCbyyTvFDUgnG-_AzqMhN3g_ofxyW9DCt3MoqHZRnMPXCJ2aXvX0dNffvt3q6_w-nyGHT0RCKDI8C_EyGv99LtwqaLpjbIGSUZdvXmUPl9n6G0YUfCJishUWvrwN6utj_oJl9L9IVvXKPInLXYYO-Ve8qNCt214se7qNH2MiVHPP8CzGe_2yW5d0VzAErC0xinFZ3LH0OU-qDOe86MMLX00EHV93hPhOedgR8gzDSgQiEYfDEXu2fzMnid-JiMtNlSeyRAiJiAnhkyASr355TyyNT9yffb7a5-g_W16ZeOQ13xyOTV1k_XIiYmISIhKEIkbew0mk2xvsi966mV3x72OOR8eP97zAgwj68h-YE53qlDj7CpSf_xfQTqPzKF3tveTWjjGjn6e-vnwBXS_n0zPZlpEfHqyn_0Hw1aj2LfDHTuuM1yFKZ-FxdYh5jGRrvOaN2cvXA3x1Q8wfT52ianHJXfMMvckiUIx49Mq-GASBGQjw3xwcs0jdfqo71u2PgeFuK7S_XFKt20MfiIqto8V3cov9aOn0VKftk5NI1B5fMnpx1QDr64ntZ7SYxDU2-0L6JSzL0aiCvwH-TlNQGr5ogJiHnFbcPVdg_f0aD1dNRytOM9ly1kLJylJzkq1bk03Vs27mzGH0obWZ7uRlvS08GDhh4uBhQzvxfCZeBt5r_wukzq385rONOg4eBjyc9VnD4VQfXSmYeuHlK9KY2zw4-hmtpkbZtxmhuugm7OpYCuQXc8iQVpihwkT8BfT-045K6rSrHzoetnI3ccfbILXiTwJPDm7F8dPLz-eva5yAR7Xh9SrVdKKrfk2q1XZ1ay3H29yt_vBlw5JAt0PrnMf419jka0MaeYoycWDwbia51CJIHe9iMjsZeYHcrrKscrAedUdc7Dm8cZhy3bLd_Ff7x7quqmEsqyPtxcn6Ds4gfFMIB0JoHQ42RCcZD_SpSnfo7xDPKf5zmgvQfprsxPMYDWM_8L18r1m99hAs7ytlgTENbFVORp_Z1ygM9fzKpJtqXvRrE3SWpl-jyqw7qSjokVWNKm9VkHc7nsIPNDkGGrzX8LTdOJrkL96jzJWZHywn3fvez9RfIX43JAvmOYY-bphggYL5yamkqB62q03cJdevlDtEZXOWjVeC-7Z2Bm8gNHghcD5-WdvB40pcdep0luVCo8RMPv8Ekx2cnxvv5Oxz2dHFbRIEG8VeHDt3JUAJ9kGGxpZYdchYcZ2TRyogPg3-FdWDyetvvs4Q6lwCCAIANSpwhtEomQHimUQgcQv_L14RD6XuXftGNFvn-tVUOg8p_aVTJJsvuyTx2vogjE_4TfVz93b1xWeu9rjrTdhAmvS8IJ_9Ay9Y59-SrsZMZG74xcaCmJ6ZwF1ilDGFZ2BSvfcpGutEq6yh9OKOez85cT2-P04IZN4cX72UDsLoU-nktsfa3cxY0LBFHC3NIq5tiKIbF8XnwMTFwd6h68ojzVQgLMjhOYoh4QADviA1EjVTgsjL6c0tj_g2n77Nk4mNVMxp3VzTJ_1yiiD40GVqXYQbZ7_DfL2hrjc5FXeY9qNE3IVh3NAmTcMLmwAmxPR-OEDGhQEDJgwV2pJlTkmVysuZuaAR86Valubj0wBzzjYt0sA9Hg5c7dwaL8pLdxENNemrdOPRbEv24-SYJqeA4RBhft5RCzQoWwKlQB-b73cGC3IUXqrH2O2GWK9EPKVM0rA-kszEXxs_0nfjbGIaEoGqoscUykDCGdefFiK4jT2YUdxZB5m7wONYho0DDw_po62ijcFeQohObC63nh5fXsVai7UE0_rc3RFqUcaaWaB_ntIJ1zpOsWH0ZhY1EhPDxcWS4MLFJZmAccL7EJHf4cagG2cIehyuU-jC3fk4aS9caxcXLlbckTefNlKviDDwa0vs-PXghXbuRRKful3XMJk5qLozxtKftmsVfOPzR_384NfJVYN3zxxsVtWAOHUqOp0BYa-PKKO1RzzipwvuWVWLPw0qpby962GEIoo7jKjnZ9OWp-Wbib8NzWtfu0Ug2HQbcW8uCV0X6PFiZ65uxhUrx1x4FEKznBzX0PT0IhhhSN6du_qg8NeTKiyMEyNnR24cwuEV90Y-fDGpmDQWHEIseJ1cblTyR7ok3QrPJn-sS8RPeTHi7PCLvasiWgHVd4LW_y-04tJWiAYg4uJA6-TcNTPGWBVs2Ls3AHrl6qN12OzDrX5ZzR1v1M-M1tdKk7WujtFJSdCIvtVa-Gspv37Ge1_N_nS2MYf89j7iYIOGXl7Eh5B0gv40v-HXi_dMy0NaPO8OOcXajmZEdk6yikoW1hjb4MxgNcSVWF1pXP9zbadg1DM5MSuYCNaq_eY76hLcLVBskWoXWK2YiYBSrmwzNsAewBFjwzAPEE8I0QrFFx3IBRQ7CInwRSN5AXKFwVG8KCEeHpIrh4zG5bnF8pihQbEADAedlIQYckSgecREpKSQI-KsICJCCDkigIHug-9CjhBeeRMI6ESIQlpFIY9ypQsl9NE6azlJyGrj2pKHn_h2h2_-Nn-BV7WIsEQ2rNtqePG-6trdabyqzdt09iww_TahhG-2EyI42HBu1URvdwJ4Xh-WooJu27XG4DnxFXwozsSMarAN-RpD7T7S2MCwTd8OTmuoMDqwOUQYh4zfOEUBofodGqwYeYyoiguK-OBkaStQNBvqTWqKk9V4anoTLKtGM--9ajxEC-9mj6rb0FyNXAN0er7MvgJ_afbGJ-fy6cU1XBFetgWFL4IX-ZFVJK2a_RXWGpvY8Pq4qgph3a9m2WpxYQrxBMnVRlH7y4D6M6p_sRkEjDnUOj_nHbDf657mNP1dU4cYOCaQxaQbyjzdH-3ityGviCyOLVHRBEtuCf3P3MeB7XCH-nrivZubwa_BSAw8rFZBU0nvHnjBnVcd3uhMoldT8e6lA6Bx&tga-with-creatives=1
Frame ID: 3007E65824AD6C133BBFB0D0AE1F3E50
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 708ABC68223E06FD033518E566085C75
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E14C21863129E54138AB422817EBF4A4
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: D747DA35426B8E72BB65ECE9CEA75C79
Requests: 8 HTTP requests in this frame

Frame: https://matchid.adfox.yandex.ru/getcookie
Frame ID: 58B7E383AD55B17AB0F90014D65278D3
Requests: 1 HTTP requests in this frame

Frame: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1F6BC815A3472C1DA5B15EFA306DDE29
Requests: 1 HTTP requests in this frame

Frame: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8AAA3FC67774B1CAB15A5F1A9653D577
Requests: 1 HTTP requests in this frame

Frame: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3E7E0B22913CE9BE70F486E09C7467B9
Requests: 1 HTTP requests in this frame

Frame: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: AF641013D322FB3A878FE98E5E824E33
Requests: 13 HTTP requests in this frame

Frame: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A2375FDEF9BA446D7D15D8B8BDC3CFED
Requests: 14 HTTP requests in this frame

Frame: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D5E2AC65DD513B61481B624679D40E33
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33D6E5B9DB43B5DC1A4C715BF3E8EE76
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C13E9DEA522A62998C7CF84D6492671
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86908CF1EA8D6D6B8E3F7E6C13D8BBB6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 517DE2C72984DE74E8BDF19CAB1D908B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DE20A6E80B5E0B104EB18A588C24BE0E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81C015B50BD52CAA30B1514771BE5D88
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiMgfu-ATAB&v=APEucNVLx5DocDVJhaDPOzYQb6c7sMYZOqIkERLeiD7zc7owTburss7mioYZah5AH2LQ2YeywJ-rVLO_f7dEZQus65G0qx4e1TEo5Qc1NNmmbTr6U02_-amQRv-JUGZSNXuTKcrTkSkt7GJJLv0Gm8Dpg4rbE9oAA4xxghqEcOhZv4J1bjkPLeQ
Frame ID: 9BF3D216A38BB3DF742FEEF3DFBD64C8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjJhvu-ATAB&v=APEucNW-qikOosIdr3F9Vibm7MPq-6n7bOFVf4eMTxZ3uWRTFNQZ1cKHyOujrdreXf47ndd18E-OFkIcKExbf7W057Er-6qd6VQQhtWQKz7Nj_bI5reqIwp7PckPD8ZMIWFLrsVLSYHsIdn_4ZDQkT2IpknacPtal9aeNBcggqZLJUNDZzOVWD4
Frame ID: A06674FC69E3F29D4FA333ADCDB9849E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiV6ayaATAB&v=APEucNU1QaRFtEPcNP-XZtHG8g2waa30LUBel81m8iKgz0Vrooz7mowcIARlEdWIjXHFEHEeSZmWU9xrQ8hBK41yt2u1MFgALgzFuc7CYgdYzgqInfo7ZVxy_msQhARNUGHoDFh2g4683qnZub1FLKXObu90BOzNi_ugx5MackldS_OMLmkk35Y
Frame ID: 1BB3E01542A942ADE1F1DDD4422E7569
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A229F8DDE09F3E400D43E3397701CD4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8CD0441D65C38106452C5DF8D2CE6C10
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
Frame ID: ACD01EE2EEEEDEB8EF02C586C9AD185B
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 290A5A552202E705B18B3689AFFDD138
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Full disclosure: 0day vulnerability (backdoor) in firmware for Xiaongmai-based DVRs, NVRs and IP cameras / ХабрХабрОткрыть списокПоискПрофильОбновитьЗакрытьВсего голосов 19: ↑18 и ↓1ПросмотрыДобавить в закладкиЗакрытьКомментарииВсего голосов 4: ↑3 и ↓1ПросмотрыДобавить в закладкиКомментарииВсего голосов 20: ↑16 и ↓4ПросмотрыДобавить в закладкиКомментарииВсего голосов 7: ↑5 и ↓2ПросмотрыДобавить в закладкиКомментарииВсего голосов 148: ↑127 и ↓21ПросмотрыДобавить в закладкиКомментарииВсего голосов 38: ↑38 и ↓0ПросмотрыДобавить в закладкиКомментарииВсего голосов 56: ↑44 и ↓12ПросмотрыДобавить в закладкиКомментарииВсего голосов 39: ↑35 и ↓4ПросмотрыДобавить в закладкиКомментарииВсего голосов 31: ↑30 и ↓1ПросмотрыДобавить в закладкиКомментарииПросмотрыКомментарииПросмотрыКомментарииПросмотрыКомментарииПросмотрыКомментарииПросмотрыКомментарииFacebookTwitterVKTelegramYoutubeЯндекс Дзен

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

206
Requests

89 %
HTTPS

67 %
IPv6

23
Domains

37
Subdomains

33
IPs

6
Countries

2900 kB
Transfer

8205 kB
Size

28
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://effect.habr.com/a/baKEWDjSdZE1KEl7C8wubC9Ell3JKduWcsYdQnqPmDPKoGybmNX-GA9xIFSLg6nvQt8KNnd57illZRANw7HkKam_VzpudMDa4vzb3rG0T53lCdn8kOmmLv39HmvRhE8cPzWuBNUrr_2kJJ6fH9bI
Title: Питчи Недели аналитиков

Search URL Search Domain Scan URL

URL: https://effect.habr.com/a/4OWJHUPqNU-5rd91jD6aaNmNUACCr4q9TPFA5pzboZx-i0oLCe01783tMZCjhqYEAMuy1cbPS3-qRexJ-4PpvVayP5WPQqbSzu82iEd4EhkavRNQHZw
Title: Экспресс-тур по городу ИИ

Search URL Search Domain Scan URL

URL: https://github.com/tothi/pwn-hisilicon-dvr
Title: most comprehensive analysis

Search URL Search Domain Scan URL

URL: https://www.cnblogs.com/mmseh/p/6537924.html
Title: https://www.cnblogs.com/mmseh/p/6537924.html

Search URL Search Domain Scan URL

URL: https://www.busybox.net/
Title: busybox

Search URL Search Domain Scan URL

URL: https://ghidra-sre.org/
Title: https://ghidra-sre.org/

Search URL Search Domain Scan URL

URL: https://www.qemu.org/
Title: https://www.qemu.org/

Search URL Search Domain Scan URL

URL: https://hashcat.net/hashcat/
Title: hashcat

Search URL Search Domain Scan URL

URL: https://github.com/tothi/pwn-hisilicon-dvr#password-hash-function
Title: described in previous research

Search URL Search Domain Scan URL

URL: https://github.com/tothi/pwn-hisilicon-dvr#summary
Title: https://github.com/tothi/pwn-hisilicon-dvr#summary

Search URL Search Domain Scan URL

URL: https://github.com/Snawoot/hisilicon-dvr-telnet
Title: https://github.com/Snawoot/hisilicon-dvr-telnet

Search URL Search Domain Scan URL

URL: https://github.com/tothi/hs-dvr-telnet
Title: https://github.com/tothi/hs-dvr-telnet

Search URL Search Domain Scan URL

URL: https://github.com/tothi/pyDes/commit/7a26fe09dc5b57b175c6439fbbf496414598a7a2
Title: https://github.com/tothi/pyDes/commit/7a26fe09dc5b57b175c6439fbbf496414598a7a2

Search URL Search Domain Scan URL

URL: http://www.xiongmaitech.com/en/index.php/news/info/12/68
Title: link

Search URL Search Domain Scan URL

URL: http://web.archive.org/web/20200221103130/http://www.xiongmaitech.com/en/index.php/news/info/12/68
Title: archive 1

Search URL Search Domain Scan URL

URL: https://archive.fo/foJ47
Title: archive 2

Search URL Search Domain Scan URL

URL: https://twitter.com/snawoot
Title: Twitter

Search URL Search Domain Scan URL

URL: https://github.com/Snawoot/
Title: Github

Search URL Search Domain Scan URL

URL: https://telegram.me/Snawoot
Title: Telegram

Search URL Search Domain Scan URL

URL: https://tmtm.ru/services/advertising/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://tmtm.ru/megapost/
Title: Разместить

Search URL Search Domain Scan URL

URL: https://effect.habr.com/a/igSCC5ZpO5kPdyjMKJ-UV5p_4ue9UAl8LKZKs0pIeZqJpW051hL9vYwYjd0Vxrmhyjz0nm6HkUsX6cg2QuXCoJZnLG68edIFsO2UVsiajmTQaBs5RzuVWVGlenKyokI
Title: Опрос Хотите рассказать о себе в наших социальных сетях?

Search URL Search Domain Scan URL

URL: https://effect.habr.com/a/1Vpv3zpHAlJAPAvCxy7kd9MZd8xRKC1ikdbHWQlOduzbvVfVkr-0ikCPiZsquahk3lYvamTJ4CidIOpTFkAu6bNWsoIZlfxxuDTBkzU8bpSnNrC3ZS2xyHcHkE3tI5ZEfP3srhzjDAr4AtV3LY4grx4
Title: Событие Неделя аналитиков на Хабр Карьере

Search URL Search Domain Scan URL

URL: https://effect.habr.com/a/G6E4kXZft4GUx9G4NHdrCh7LvE9LyGS_f8eG72QdEhfkitqfnJ12PC86aUSPMQvWZQGilelbzIlypeFTLQ4ShdGXeETaLFCrEP6dl4LmUF5tZKtAxFjG
Title: Промо Промокод — твой билет в общество потребления

Search URL Search Domain Scan URL

URL: https://qna.habr.com/questions?utm_campaign=questions_postlist&utm_content=questions&utm_medium=habr_block&utm_source=habr_mob
Title: Вопросы и ответы

Search URL Search Domain Scan URL

URL: https://qna.habr.com/q/944761?utm_campaign=questions_postlist&utm_content=question&utm_medium=habr_block&utm_source=habr_mob
Title: Нормально к одной ip камере подключать 2 регика?

Search URL Search Domain Scan URL

URL: https://qna.habr.com/q/335195?utm_campaign=questions_postlist&utm_content=question&utm_medium=habr_block&utm_source=habr_mob
Title: NVR или сервер с ПО?

Search URL Search Domain Scan URL

URL: https://qna.habr.com/q/286068?utm_campaign=questions_postlist&utm_content=question&utm_medium=habr_block&utm_source=habr_mob
Title: Как сделать два nvr unifi video или получить с камер видопоток?

Search URL Search Domain Scan URL

URL: https://qna.habr.com/q/270620?utm_campaign=questions_postlist&utm_content=question&utm_medium=habr_block&utm_source=habr_mob
Title: Как "достать" видеозапись с "китайского" NVR?

Search URL Search Domain Scan URL

URL: https://qna.habr.com/q/221878?utm_campaign=questions_postlist&utm_content=question&utm_medium=habr_block&utm_source=habr_mob
Title: Как посмотреть записи с камеры наблюдения?

Search URL Search Domain Scan URL

URL: https://qna.habr.com/questions?utm_campaign=questions_postlist&utm_content=questions_all&utm_medium=habr_block&utm_source=habr_mob
Title: Больше вопросов на Хабр Q&A

Search URL Search Domain Scan URL

URL: https://effect.habr.com/a/Tn8r4Hqdk6ZU4gx1n-YeMkSN-aUDUr9LAt8RpRss2p02MQG5t3rAvBP3s7Qgro7uD-5p3u52JlV5eP6FiNxZ07U5NycHlCWc41OM37fKDgnBD0YD4Ow
Title: Чатботы, трансформеры, беспилотный транспорт: экспресс-тур по городу ИИ

Search URL Search Domain Scan URL

URL: https://effect.habr.com/a/B7CyQOfD6_NAX-CksJlIYTyJy0i6AMZAw1oegl7TyAqBZY__nIQOPVHg69l2IZGnvqCkzwEVoZlSU5JjtNUH0fmHGyEaPr_4DPZh0qFtMABpyHBNg6g
Title: База для айтишника: что нужно делать в вузе, чтобы блистать на собеседованиях

Search URL Search Domain Scan URL

URL: https://career.habr.com/vacancies/specialist_po_informacionnoj_bezopasnosti
Title: Специалист по информационной безопасности

Search URL Search Domain Scan URL

URL: https://career.habr.com/vacancies/sistemnij_administrator
Title: Системный администратор

Search URL Search Domain Scan URL

URL: https://career.habr.com/catalog
Title: Все вакансии

Search URL Search Domain Scan URL

URL: https://account.habr.com/info/agreement
Title: Соглашение

Search URL Search Domain Scan URL

URL: https://account.habr.com/info/confidential/
Title: Конфиденциальность

Search URL Search Domain Scan URL

URL: https://docs.google.com/presentation/d/e/2PACX-1vQLwRfQmXibiUlWaRg-BAc38s7oM3lJiaPju7qmdJsp8ysIvZ_G-Npem0njJLMozE2bPHMpDqiI5hhy/pub?start=false&loop=false&delayms=60000&slide=id.g91a03369cd_4_297
Title: Реклама

Search URL Search Domain Scan URL

URL: https://habrastorage.org/storage/stuff/habr/service_price.pdf
Title: Тарифы

Search URL Search Domain Scan URL

URL: https://docs.google.com/presentation/d/e/2PACX-1vQJJds8-Di7BQSP_guHxICN7woVYoN5NP_22ra-BIo4bqnTT9FR6fB-Ku2P0AoRpX0Ds-LRkDeAoD8F/pub?start=false&loop=false&delayms=60000
Title: Контент

Search URL Search Domain Scan URL

URL: https://tmtm.timepad.ru/
Title: Семинары

Search URL Search Domain Scan URL

URL: https://www.facebook.com/habrahabr.ru
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/habr_com
Title: Twitter

Search URL Search Domain Scan URL

URL: https://vk.com/habr
Title: VK

Search URL Search Domain Scan URL

URL: https://telegram.me/habr_com
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCd_sTwKqVrweTt4oAKY5y4w
Title: Youtube

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/habr
Title: Яндекс Дзен

Search URL Search Domain Scan URL

URL: https://company.habr.com/
Title: Habr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://habrastorage.org/r/w1560/webt/r_/3d/ko/r_3dkof6_ydvswrt0m0pbe3pd4q.png HTTP 302
https://hsto.org/r/w1560/webt/r_/3d/ko/r_3dkof6_ydvswrt0m0pbe3pd4q.png

Request Chain 24

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9615.fA-w5bSRHptbImBd32_uaGzH-a8SAnNb90E6tNOf5yu8WBrUgB5kBipUMPxXTn6T.iPq19yhh7I-M2B6ZREqwbWofdoo%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9615.vE7zjv14TSRTsr9y5MmifkyGQ9VsgMvk_pSpoI80SyF6zoKJpFCBf2nPts0tL9SDdv5hKkpPn3liYq7PtC1nAg%2C%2C.DerTc1DbVa8To4PLWezF-HT6p9o%2C

Request Chain 31

https://habr.com/auth/checklogin/ HTTP 302
https://habr.com/ru/auth/checklogin/

Request Chain 43

https://mc.yandex.com/watch/24049213?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1173303332869%3Ahid%3A627260188%3Az%3A0%3Ai%3A20220421203315%3Aet%3A1650573196%3Ac%3A1%3Arn%3A1018729449%3Au%3A1650573196135639588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650573194841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650573196%3At%3AFull%20disclosure%3A%200day%20vulnerability%20(backdoor)%20in%20firmware%20for%20Xiaongmai-based%20DVRs%2C%20NVRs%20and%20IP%20cameras%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1173303332869%3Ahid%3A627260188%3Az%3A0%3Ai%3A20220421203315%3Aet%3A1650573196%3Ac%3A1%3Arn%3A1018729449%3Au%3A1650573196135639588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650573194841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650573196%3At%3AFull%20disclosure%3A%200day%20vulnerability%20%28backdoor%29%20in%20firmware%20for%20Xiaongmai-based%20DVRs%2C%20NVRs%20and%20IP%20cameras%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 49

https://effect.habr.com/a/Q6prxG3zMXDUpGZ2nb9x4yLh4RlCl559vdFPrDz0GhrbUaIkqjRtjiAsjRIbeEtIyORruiyWWmFbWD5I1g1Z1w7YL2u9yRZ698SCpqrcBdMMs_-i-v_j_U8Lsr-beOoX5FeK74KhnOVMcs0VWNSQ3OIgX0_jqmL8bCdmQx_LFeN61bgf2TciL6Vr07le5NcziRkziLzIQ5FPjyyOLFe0wprRo-Y4VLU9 HTTP 308
https://habrastorage.org/getpro/effect/d40/1a7/dc1/b1d/d93/821cf9fc4b5ca4f917f4d08d0/play-button_25b6-fe0f.png HTTP 302
https://hsto.org/getpro/effect/d40/1a7/dc1/b1d/d93/821cf9fc4b5ca4f917f4d08d0/play-button_25b6-fe0f.png

Request Chain 52

https://effect.habr.com/a/vNfyJQgxJ_qJbkxGY3HJ66hV8PDkvbPpbqKmBYH-Ee46HP5hAn-uxKZZlLGnNdeiO6c3i9pDuQ54rmYYrhjL0fUokYMoSARXRHWx5wL878BRx3GNE60pgefBCdO-IDrqGPKv8fjTSnCZq066w78xU_fN4MqVfPNO4WX8uuNuMrJ4WeIpyOeGlT3x1lOr1OezEVVCDw HTTP 308
https://habrastorage.org/getpro/effect/4fd/350/138/6df/395/dce51611dd555dbcf64c972e7/1.png HTTP 302
https://hsto.org/getpro/effect/4fd/350/138/6df/395/dce51611dd555dbcf64c972e7/1.png

Request Chain 53

https://effect.habr.com/a/faiREZJxL9ZFYYWWt0E8m3FlsmTV0t7ptAOs2WTulotXHi5WRh3Jvu_tIf-U0Lu8j0N1jnztf5XuCFW6NEYAOvTbt42Jtlb2y7uLasoteeb-J5p0YLpk5W66iL_ducE1ivX1V-a98fSw0khQozcGam4qmH8Z7LfaTz6whQ5GphFtvwo8tzpeWJ8zxsF6XQdxSLs39Y0J_5QTIcZeliQ HTTP 308
https://habrastorage.org/getpro/effect/14d/f1d/00c/3ab/47f/739934c2cdd1efe700757d067/promo460296.png HTTP 302
https://hsto.org/getpro/effect/14d/f1d/00c/3ab/47f/739934c2cdd1efe700757d067/promo460296.png

Request Chain 54

https://effect.habr.com/a/Wjep9FPtwpdIKX89YODheUcbiJTnJK4dzS-RJTXVcoK1vYeWKltEjTtwlXDtnZQveb0DPgivhdta0JssogriYmi8oi2JOqwGT_YNWzLJSsHzhBFfHXnGQPB9OI2dLwuF9eEVXGEapUuEqpz26kD6GI45bd5TbOHM8PvPvT3CxcvYD5TMUxP9xAg6wKhUGVDaBg70DZ4_z0gxBJv7gx6dHKLYG1Vx HTTP 308
https://habrastorage.org/getpro/effect/187/af6/e4d/e45/a0f/31320f9d6d20d5f711864c282/2022-02-0807.59.04.jpg HTTP 302
https://hsto.org/getpro/effect/187/af6/e4d/e45/a0f/31320f9d6d20d5f711864c282/2022-02-0807.59.04.jpg

Request Chain 65

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 66

https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
https://yandex.ru/ads/system/header-bidding.js

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmG-ja2aCQVkHRS9cFGWswAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmG-ja2aCQVkHRS9cFGWswAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

Request Chain 154

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

Request Chain 156

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmG-ja2aCQVkHRS9cFGWswAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

Request Chain 158

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

Request Chain 169

https://d.adtriba.com/collect?atb_ptid=8387be89&atb_dpuid=adlicious&atb_dcaid=display_kat-audi HTTP 302
https://d.adtriba.com/px.gif

206 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
habr.com/ru/post/486856/ 86 KB
22 KB 250ms
229ms Document
text/html 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

32a61af3b5e0e4720a286fa070b461d7d518900f5ceef5e0847f2b7d22302e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Apr 2022 20:33:15 GMT
ETag: W/"158b5-d3ZAQ8REjJZ8NY7z2fWuQO4XWyA"
Expires: 0
Keep-Alive: timeout=15
Pragma: no-cache
Server: QRATOR
Strict-Transport-Security: max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Proxy-Cache-Status: MISS
X-Request-Geoip-Country-Code: DE
X-Request-Id: 27225925bf406a88668b5ef05eda4e44
X-XSS-Protection: 1; mode=block

GET
H2 200 chunk-vendors.ea998ba1.css
assets.habr.com/habr-web/css/ 20 KB
6 KB 157ms
77ms Stylesheet
text/css 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/css/chunk-vendors.ea998ba1.css

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

5de521cd8b0726276af83c5f77b0756d438f6381bca040d1f22e13ff5e66ced4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 12:00:20 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"62614754-50be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 chunk-vendors.95262fce.js Show response
assets.habr.com/habr-web/js/ 523 KB
165 KB 290ms
210ms Script
application/javascript 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

855eab231378126a49d885b9f62272f67e90cf530d723e142a83308b31188bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 12:00:20 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"62614754-82a71"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 app.5b65ddd4.css
assets.habr.com/habr-web/css/ 176 KB
29 KB 190ms
111ms Stylesheet
text/css 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/css/app.5b65ddd4.css

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

a874445d4cfecf7a09f5b3682ca5f18fa280d2c2fd534c56f5a51c1e6bea16fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 12:00:20 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"62614754-2c137"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 app.35cd4037.js Show response
assets.habr.com/habr-web/js/ 638 KB
151 KB 289ms
210ms Script
application/javascript 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/js/app.35cd4037.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

c3a7686b00f5b851e33ebfc9e93aed6124ac5babcb15d6ec5716a1a0b95c78f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 12:00:20 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"62614754-9f7bf"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 84 KB
29 KB 134ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0779c093b7f7e4671185da22df26d7cf82c0a86c75bc85aaeb1c8ddfbc5838c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28652
x-xss-protection: 0
server: sffe
etag: "1193 / 393 of 1000 / last-modified: 1650569551"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Apr 2022 20:33:15 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 278 KB
76 KB 131ms
56ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ff158d5ff979198ae046174d6dd30818257ad9a7612a3c12410fb177507df9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1650573195436648-2167437681602849742-man1-1987-d34-man-l7-balancer-8080-BAL-362
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 Apr 2022 21:33:15 GMT

GET
H2

200

r_3dkof6_ydvswrt0m0pbe3pd4q.png
hsto.org/r/w1560/webt/r_/3d/ko/
Redirect Chain

https://habrastorage.org/r/w1560/webt/r_/3d/ko/r_3dkof6_ydvswrt0m0pbe3pd4q.png
https://hsto.org/r/w1560/webt/r_/3d/ko/r_3dkof6_ydvswrt0m0pbe3pd4q.png

251 KB
252 KB

175ms
117ms

Image
image/png

2606:4700:20::681a:da1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/r/w1560/webt/r_/3d/ko/r_3dkof6_ydvswrt0m0pbe3pd4q.png
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H2
Server: 2606:4700:20::681a:da1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8881439a4b39b417d8caaa62b3d9b1740f7692d55bee28a2659b4d87886f8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Feb 2020 13:31:23 GMT
server: cloudflare
etag: "5e39722b-3ebc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnDaOjT7gtsbu0cYFil2oQdtsFp%2ByFTE71%2BwKOzIxiDvJfQcPLHTqLK3Kuj1s5YjXqhGd2mC4rPauxtSvkcvjVD9H6FLeOt8F4tdffHKICaVDNA%2FHMFrmEtbEJdl4zcPMHvkezOK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ff8e4c7bf2d916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 256969

Redirect headers

location: https://hsto.org/r/w1560/webt/r_/3d/ko/r_3dkof6_ydvswrt0m0pbe3pd4q.png
date: Thu, 21 Apr 2022 20:33:15 GMT
server: nginx
content-length: 138
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 141ms
53ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-726094-1

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81cf9780320aef1748beec861fbe070b9d0ca748a31ce3fef35bb62439e6d5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38722
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 19:36:06 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Apr 2022 20:33:15 GMT

GET
H/1.1 200
OK ads.js Show response
habr.com/js/ 106 B
698 B 47ms
33ms Script
application/javascript 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/js/ads.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

c539c169de210069c8d459338f84b361093804eb7afe3e1e0af79174f274bcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:15 GMT
Content-Encoding: gzip
X-Proxy-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: f1b19707c3e08e10d5f34bb332a5b9d7
Last-Modified: Thu, 21 Apr 2022 12:00:46 GMT
Server: QRATOR
ETag: W/"6261476e-6a"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=315360000
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ru-compiled.d66b89dd1691647f272e8c83644d4f2a.json Show response
habr.com/js/i18n/ 286 KB
43 KB 50ms
50ms XHR
application/json 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/js/i18n/ru-compiled.d66b89dd1691647f272e8c83644d4f2a.json

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

257c36c929b28adab9ab3b304e0dc3b26ebabc49a16decc69427cabe7a6f3f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Thu, 21 Apr 2022 12:00:47 GMT
Server: QRATOR
X-Proxy-Cache-Status: MISS
ETag: W/"6261476f-47637"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
X-Request-Id: 83e7956a48f4e0063ac61bd8ab354926

GET
H/1.1 200
OK habr-logo-ru.svg
habr.com/img/ 1 KB
1 KB 47ms
34ms Other
image/svg+xml 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/img/habr-logo-ru.svg

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

2be7d554f2f37e9fd7b5801b2c30ba2e36aba0b536127725343625e2297484db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:15 GMT
Content-Encoding: gzip
X-Proxy-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: 146950f486230497248ca2b96eec9688
Last-Modified: Thu, 21 Apr 2022 12:00:46 GMT
Server: QRATOR
ETag: W/"6261476e-58c"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK megazord-v25.29545111.svg
habr.com/img/ 32 KB
12 KB 52ms
38ms Other
image/svg+xml 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/img/megazord-v25.29545111.svg

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

cff901380ad42506453c3ba92c881b6286a01fc79ad41447a3925ac00ae92399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:15 GMT
Content-Encoding: gzip
X-Proxy-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: 67ca2a3b2f46e251f40ac023d5c5d66a
Last-Modified: Thu, 21 Apr 2022 12:00:46 GMT
Server: QRATOR
ETag: W/"6261476e-7e42"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK social-icons-sprite.svg
habr.com/img/ 5 KB
2 KB 57ms
35ms Other
image/svg+xml 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/img/social-icons-sprite.svg

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

76ec0937b9496cab2c3fbbcc6506874227ec8057bde64c7b032bc72909fcd4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:15 GMT
Content-Encoding: gzip
X-Proxy-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: 0334f3dd4d1d4eec0987d44f59ca3226
Last-Modified: Thu, 21 Apr 2022 12:00:46 GMT
Server: QRATOR
ETag: W/"6261476e-1331"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 125ms
61ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

75f3bd16ca645709f15708862b8523f5a5072725d1c945db54f58c343c7d21cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-113e7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70631
expires: Thu, 21 Apr 2022 21:33:15 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
23 KB 135ms
45ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 18:09:36 GMT
x-content-type-options: nosniff
age: 95019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 18:09:36 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveQhf6TF0.woff2
fonts.gstatic.com/s/firasans/v11/ 10 KB
11 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveQhf6TF0.woff2

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56e65b34594acd80db8f7c4eed23b846cc39e2207d2a8166208bd81c020b9fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 17:07:44 GMT
x-content-type-options: nosniff
age: 185131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10412
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 17:07:44 GMT

GET
H/1.1 200
OK px.gif
habr.com/img/ 42 B
544 B 95ms
94ms Image
image/gif 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://habr.com/img/px.gif?ch=1&rn=946717

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:15 GMT
Last-Modified: Thu, 21 Apr 2022 12:00:46 GMT
Server: QRATOR
X-Proxy-Cache-Status: MISS
ETag: "6261476e-2a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 42
X-Request-Geoip-Country-Code: DE
X-Request-Id: c4df5df071248f5d5433e2cebac66c77
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK px.gif
habr.com/img/ 42 B
544 B 39ms
39ms Image
image/gif 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://habr.com/img/px.gif?ch=2&rn=946717

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:15 GMT
Last-Modified: Thu, 21 Apr 2022 12:00:46 GMT
Server: QRATOR
X-Proxy-Cache-Status: MISS
ETag: "6261476e-2a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 42
X-Request-Geoip-Country-Code: DE
X-Request-Id: bef68aaa88877e625b8cf9a257e50460
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubads_impl_2022042001.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
124 KB 110ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067210

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e38188d7aeeab09989954d42e1eac3f97f6320a4e6d51cc2dde4ac391289bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126015
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Apr 2023 14:49:12 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 159 B
748 B 116ms
41ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=habr.com

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3af77532a166a8a1d4af72d9cb9523766b4f2f7e1c0328d4f2f2d45b6043cc05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 0
expires: Thu, 21 Apr 2022 20:33:15 GMT

GET
H2 200 fca9771dc32d2e4bce0f.js Show response
yastatic.net/partner-code-bundles/571603/ 13 KB
5 KB 100ms
34ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/571603/fca9771dc32d2e4bce0f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

fc4df1824814569f14631765398e34bed9a3df6afeec737886864b85e05c8e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://habr.com/ru/post/486856/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4467
last-modified: Tue, 19 Apr 2022 14:38:38 GMT
server: nginx/1.17.9
etag: "f4161d579e560f4217f25cee21c6a306"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2052 03:05:52 GMT

GET
H2 200 f11eb4560b34f238cb3c.js Show response
yastatic.net/partner-code-bundles/571603/ 89 KB
19 KB 128ms
62ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/571603/f11eb4560b34f238cb3c.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3db96fbc9afa902fe4b7a1ebc78f18fc094b62e5a86be95d3c62174779228082

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://habr.com/ru/post/486856/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18850
last-modified: Tue, 19 Apr 2022 14:38:38 GMT
server: nginx/1.17.9
etag: "813fff1c04935924e81c81cb165270b6"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2052 03:05:42 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 176ms
111ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://habr.com/ru/post/486856/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2052 03:07:11 GMT

GET
H2 200 91b66302c53a16b3867d.js Show response
yastatic.net/partner-code-bundles/571603/ 490 KB
102 KB 141ms
78ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/571603/91b66302c53a16b3867d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b4e353f35acf66958a4a0d0573d2d782cdc69305462073a6aedfe5cb0465b54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://habr.com/ru/post/486856/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 104206
last-modified: Tue, 19 Apr 2022 14:38:38 GMT
server: nginx/1.17.9
etag: "a60ac07fca9adb80f574e8ab7ba9f6a3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2052 03:05:22 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9615.fA-w5bSRHptbImBd32_uaGzH-a8SAnNb90E6tNOf5yu8WBrUgB5kBipUMPxXTn6T.iPq19yhh7I-M2B6ZREqwbWofdoo%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9615.vE7zjv14TSRTsr9y5MmifkyGQ9VsgMvk_pSpoI80SyF6zoKJpFCBf2nPts0tL9SDdv5hKkpPn3liYq7PtC1nAg%2C%2C.DerTc1DbVa8To4PLWezF-HT6p9o%2C

75 B
75 B

31ms
31ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9615.vE7zjv14TSRTsr9y5MmifkyGQ9VsgMvk_pSpoI80SyF6zoKJpFCBf2nPts0tL9SDdv5hKkpPn3liYq7PtC1nAg%2C%2C.DerTc1DbVa8To4PLWezF-HT6p9o%2C

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9615.vE7zjv14TSRTsr9y5MmifkyGQ9VsgMvk_pSpoI80SyF6zoKJpFCBf2nPts0tL9SDdv5hKkpPn3liYq7PtC1nAg%2C%2C.DerTc1DbVa8To4PLWezF-HT6p9o%2C
date: Thu, 21 Apr 2022 20:33:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 33ms
33ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:15 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 21 Apr 2022 21:33:15 GMT

GET
H2 200 chunk-2d21ab85.4d06bd97.js Show response
assets.habr.com/habr-web/js/ 556 B
732 B 34ms
33ms Script
application/javascript 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/js/chunk-2d21ab85.4d06bd97.js

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/app.35cd4037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

031d9dbbbf6050bdf38ae317f84f31144e81f14ec4458167eb458e2c978e93d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 07:56:42 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"624bf63a-22c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 187ms
38ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-726094-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3505
date: Thu, 21 Apr 2022 19:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Apr 2022 21:34:50 GMT

GET
H2 200 gallery.88e7cab4.css
assets.habr.com/habr-web/css/ 11 KB
4 KB 38ms
37ms Stylesheet
text/css 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/css/gallery.88e7cab4.css

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/app.35cd4037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

eac6458aa7f4f0234f508a211d1602800b08dd8ecd5dd29b46136e6f9438b4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 01:14:49 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"625e0d09-2db9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 gallery.97251416.js Show response
assets.habr.com/habr-web/js/ 3 KB
1 KB 38ms
38ms Script
application/javascript 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/js/gallery.97251416.js

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/app.35cd4037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

cb866c163c9159851108980d9a6ae804f7c992557bee3ccb9ce864c27e8d67c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Fri, 15 Apr 2022 06:42:05 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"625913bd-a2c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 chunk-2d222042.bdf40a76.js Show response
assets.habr.com/habr-web/js/ 635 B
764 B 36ms
36ms Script
application/javascript 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/js/chunk-2d222042.bdf40a76.js

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/app.35cd4037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

2914fbe27722d8c2d831724c23af9f5f19df96f957c30b1a47ce66fadc529983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:19 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 07:56:42 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"624bf63a-27b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

/ Show response
habr.com/ru/auth/checklogin/
Redirect Chain

https://habr.com/auth/checklogin/
https://habr.com/ru/auth/checklogin/

38 B
1 KB

44ms
44ms

Script
application/x-javascript

178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/ru/auth/checklogin/

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

HTTP/1.1

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

960b278bee0e306b1a0831990b00daed1b92e00f5a025739f1c1001a241f71e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA", CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Connection: keep-alive
X-Request-Id: 1bfd9cfcda7343a8eb3e45fd094cb1de
Server: QRATOR
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
X-Content-Type-Options: nosniff
Server: QRATOR
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Location: https://habr.com/ru/auth/checklogin/
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
X-Request-Id: 1e7bf052cdbdb9bceb96fb52e89defd8

GET
H/1.1 200
OK questions Show response
habr.com/kek/v2/inset/ 1 KB
1 KB 72ms
72ms XHR
application/json 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/kek/v2/inset/questions?tags=hisilicon%2Cdvr%2Cnvr%2Cip%20camera%2Cvulnerability&hl=ru

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

50cd0e88cfc485a784f37d17bfb729c136f182f884af91eddc5b6efcbc553c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
x-app-version: 2.71.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Proxy-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
X-Request-Id: cec8a2c433a8aaf4655536133ed5d282
server-habr-version: 2.71.0
Server: QRATOR
X-Frame-Options: SAMEORIGIN
ETag: W/"412-bPNjGEI5Uaska69Zoiatx1bGA84"
X-Download-Options: noopen
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE

GET
H/1.1 200
OK / Show response
habr.com/kek/v2/articles/ 72 KB
19 KB 78ms
78ms XHR
application/json 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/kek/v2/articles/?period=daily&sort=date&fl=ru&hl=ru&page=1

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

97e1b4a99ff5212dd14e80f416e5c6e17835ce784c151ed4fc4f09df76fbf99c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
x-app-version: 2.71.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Proxy-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
X-Request-Id: 3e32e5e3bad038ad78f8067c246bff40
server-habr-version: 2.71.0
Server: QRATOR
X-Frame-Options: SAMEORIGIN
ETag: W/"11e46-6Pd8fqK9DpPLUFLlS6Nuep7hklc"
X-Download-Options: noopen
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE

GET
H/1.1 200
OK similar Show response
habr.com/kek/v2/articles/486856/ 9 KB
4 KB 84ms
84ms XHR
application/json 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/kek/v2/articles/486856/similar?fl=ru&hl=ru

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

bbf4ff84044809ff484eba6c5b8479915395836c4d7b437aab14053c3df3e878

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
x-app-version: 2.71.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Proxy-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
X-Request-Id: e159c3c64bd7dfa1c93d424378e51654
server-habr-version: 2.71.0
Server: QRATOR
X-Frame-Options: SAMEORIGIN
ETag: W/"2278-Bqiw3VwVLYp2cTSdVSFVFcMKVn4"
X-Download-Options: noopen
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE

POST
H/1.1 200
OK pageview Show response
habr.com/kek/v1/articles/486856/ 53 B
814 B 62ms
62ms XHR
application/json 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/kek/v1/articles/486856/pageview

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

3620f56da7826ffb2eaa6f8e198e0f594127671101a35b39464af290377dc8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
x-app-version: 2.71.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
X-Request-Id: d622f69ae838f663c108dc7716e347af
server-habr-version: 2.71.0
Server: QRATOR
X-Frame-Options: SAMEORIGIN
ETag: W/"35-zWAiE8eHB81DOVUXX+nwPmSA5Fg"
X-Download-Options: noopen
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE

GET
H/1.1 200
OK / Show response
habr.com/kek/v2/articles/ 72 KB
19 KB 82ms
70ms XHR
application/json 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/kek/v2/articles/?period=daily&sort=date&fl=ru&hl=ru&page=1

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

97e1b4a99ff5212dd14e80f416e5c6e17835ce784c151ed4fc4f09df76fbf99c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
x-app-version: 2.71.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Proxy-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
X-Request-Id: d274fd55e5638b62f2bcae7a2d9085a9
server-habr-version: 2.71.0
Server: QRATOR
X-Frame-Options: SAMEORIGIN
ETag: W/"11e46-6Pd8fqK9DpPLUFLlS6Nuep7hklc"
X-Download-Options: noopen
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE

GET
H/1.1 200
OK most-reading Show response
habr.com/kek/v2/articles/ 62 KB
17 KB 118ms
77ms XHR
application/json 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/kek/v2/articles/most-reading?fl=ru&hl=ru

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

01d6a5dbff8c5f7b15325bc17c898e5bc9c8696c18cf718dd3a6cdc3463b6589

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
x-app-version: 2.71.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Proxy-Cache-Status: MISS
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-XSS-Protection: 1; mode=block
X-Request-Id: 6db61dd877916e1261e2be703b9a89f9
server-habr-version: 2.71.0
Server: QRATOR
X-Frame-Options: SAMEORIGIN
ETag: W/"f78b-DObUSWzR/ifEVUlwMhgN6G14lr0"
X-Download-Options: noopen
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE

SEARCH
H/1.1 200
OK a Show response
effect.habr.com/ 5 KB
3 KB 55ms
55ms XHR
application/json 178.248.233.33
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://effect.habr.com/a

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.233.33 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

habr.com

Software

QRATOR /

Resource Hash

4f8035ea35742dac46c45760acbeaade246417556c5a5019461fc3398a10e26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Server: QRATOR
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://habr.com
Cache-Control: private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
expires: -1

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/406261/getBulk/ Frame 3007 3 KB
3 KB 130ms
129ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/406261/getBulk/v2?dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&date=2022-04-21T20%3A33%3A15.805%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=307350945&pr=3983808701&prr=&pv=20&pw=4&extid_loader=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&extid_tag_loader=habr.com&ylv=0.571603&ybv=0.571603&ytt=116000087474181&is-turbo=0&skip-token=&ad-session-id=2856001650573195811&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A780%2C%22h%22%3A200%2C%22width%22%3A780%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A252%2C%22top%22%3A6111%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=571603&available-width=780&available-height=200&yaru=true&pp=h&ps=fnps&p2=hnyb&puid1=post&puid2=f_develop%3Af_admin%3Af_popsci&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid4=no&puid5=%2Fru%2Fpost%2F486856%2F&puid6=ru&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&duid=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&pcode-test-ids=571218%2C0%2C53%3B568462%2C0%2C68%3B551984%2C0%2C57%3B568041%2C0%2C44%3B572743%2C0%2C4%3B552090%2C0%2C1%3B564391%2C0%2C62%3B570938%2C0%2C86%3B571036%2C0%2C49%3B571034%2C0%2C95%3B564895%2C0%2C91%3B555795%2C0%2C35%3B406668%2C0%2C96%3B571603%2C0%2C66%3B564283%2C0%2C87%3B565224%2C0%2C93%3B563297%2C0%2C49&pcode-flags-map=eJylV8uO2zYU%2FZXC60FAUtQrO0qibCIUqZCUPU4QEGk7XQVF0U6CAkH%2BvZeSLFuyR56gs5gXfA7v%2B9z7fcMVKyT3pa54af1hJxyXwrrN24%2FfN98%2Bf%2Fn6tHm7cabjm4fN89M%2Fz%2BJ3%2BJuSHMX55senh00lbI%2BveM066bzb8YZ73rTu6KvOMCe0usuVRj1XwyvBfC2ArhAOsNy3RmgjgKtmpdNmxoTeoPCFr9hoz7bXsgNTis45rTxTork2ZnD%2BiiDtCTolam0A9RrIEI1yx9QWgilF%2BQ5CYXS33Xmpt6KccYAvYMnJtJOPM86IpIT0nGOC9m0%2BJmk9nBSnOb4EnqMK6RVu5xvLw5%2BOG9%2BpCr6zovJayeMd4piSMbLMglNq6%2Flj62vJ4JflU94d26vseQgnFIoVhlenDK%2B%2FmUYJjl54885jM2K8ZCXJxDravtOKH1vtIBLeNkxK33JTcrXeCTGiJBrCbfj7jlvn9w0DC41u%2FJFBeB%2B96dYpSBqRwUm70wcvWcHl2YqhSNYZIoRRPjlkO7PnRygWtecGOlJ7xQ%2BeVaXh0AF7Pn5gRrkXFddzTpxkeOK8Qnvgtst2%2BpbkOP8DnFkjCkYJC2UnVK29FOrdunNQdVG8zNZohJYVMPrJNqGgqhWTvtFVJ9eLK45jFKUTcYhRGQIO8Rr70%2FHHO9kHioxeNlunbNe22jiocKlZ6C5bGtE6b03pD8woobZ3ONOYns06zdd%2BpPS%2FMXDW9q20g3r%2FoJXr%2FR0sZkIuSh%2FG3nbxQIay7FUP9Kkq%2Fxf91F2vMPU6FDOq17Z%2FiIycT0kchGJGnUQpPVNbN8zYGzUdp5iiZIZNoSIHLKtq%2FegbSO1eWFEIGQwA5%2Fpgzmie%2Fv1rrhlpFKGTzIyVEixnTXuJe%2F7769MMlkX5CIMpbm3ooiXm%2Bq0JdNPeAkw%2BKD7LxUdo2oSkDyQGpY%2FhR5Zl%2BCGKKc6yBxLlcRR%2BxChNHkhCKY0eCCIQ5dNHIpQnCcBTlCMM8JTS7NNsBucY4dEmbzlXXhcwFPZzMzZPf37%2B9cvTXBkTkg%2F9UQvwBfzfcbHdOa%2FcehhoHI3K%2BIEr4kGEQIq2yhPs30dQArz10SpBTEg%2BDOoWWqR03rgC4g8jjK%2FiUpLHg8Wl7lQ%2FkR93ZhWSpdkotpOI%2BEo3TKg1GOSDRKOyhYEeiqPUTaF93UkJgwjivIrHoERoim1h9DtIDMTVb42o1pFpnCU3DQ4TxhlRrMKhdpLB34OottwFy9uw7qyiIopxes5ocBJWnAp2nGEsrWEpphk6Y09jsNAmtKJhlejsL69kOLLg7eCmZ%2FLAjnYdGZ12tKpuoRBtqxW0sxMN191ccshycFGKoiFSfXyCzNvllnL1Xgw0FwPA8DBxTu%2BFmboOp2lKruGiDtp7COPzXl29wHAyYM9kN8tWhG6jp2Ml1LRQLSQZ5KpZfzvBY9fe3T2W0BghOqwekoN0g3QZEAlmBFsEnCxhY3oXXWg4bAAVrAavbMewoYy5ZsaG%2Fdqxc7lwY0Aw4Lq45IgX%2BkmHvFsLsgktbcUHvl6bCcKjWEyKCgKxF%2FwQ1pp1aJqM0PAMVIWyYYmYlGYVnKIkHsENg7W10ZaJMsTO7lgFezFMk3UCgkddmF0jA5tdn15nbBjple6mjehuc7zwbD%2BAgkC%2FEnyxuB%2BYcLAl9utALQycFEzZAxTtzXs6nqcgowkZz5EWluLhGjmdJqx2fe0bLeWdzQvn2fnYm61sUMvhe8skd3ChK9bMB63sxbjYLuxCFC8dDStM2OALA5IhRe38qMjhLd2VuxlvzaTli%2BilNLrVZ6cjYSgco%2FW8bn97%2FjJ3lqCxbsMwFVUfo362cMkbGK42UDvhen2oji%2BV9FUUE3raOKZNOiyH8Ah89OpIve6IfFwzL7bnn8FjNC4DcA3BWQTTmrX9mQQLyM%2BQ0Ck2I8I3nXSiYEoN982ynJYBTmiWD3N0a1hB7sy89PKz%2FcSaDThM0Nrnb4gojl9A3FqH17ZvlCRJdtbe5bIKwUpQtAhf%2BM%2BPTz%2F%2BA5wUmk8%3D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Hw5iaVmhs2oADusGVhZQzNbS%2B3Ly9xlZG4%2FG1fR0t1smPpIhCAA5gu0WxN0zeAu1sEvNamcWxs6273kzKDyO5RjAC7I%3D&top-ancestor=https%3A%2F%2Fhabr.com&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0NTl9CjOkpJDbOIqBGFDXD7qjn9FD02hE-8o_ZbQQ0duVZhpRXMP7u4qIMrNmwqISUZHxuLBtEyf5mz9-b3g_t-_cviHq1pQ2Rf0G-jyAaxBjVUEzchvRnyZpum4iisaKMagYgxirigEs3XG6W5Ln5KSblaCTuY3d0XXHrmbzi1MMdif3m4fh5mwi7sXugmJyOc2sXZDNDkFp2eZzW5H4LVW3wwUmjCTtEB5Yb7bbYWF3r3HPbeqizgIQFpgsAEYFj5IUuGSLkgTbrOgl66lzsokxUHglGdksXnO6l22johmXCb16PHtgutVoxVlR8ASC6hnnwD3vXk0jMxnF5jN2RUmCU4zCb0bJ9gHH0n1gXFzqdjbOOno1z7nP7saZ6WZNtZke7xJZgNuCs0BABYcFZqck7gcEKguADhOUwwYBFTxUcFmgsEBlAaYPPMAcGGBZUFHBRQVn5IDFAhMVSH2lHGAwUYHGAjFAX65AuxyoLJBRwR7YAHWIQF3uWCBdGlBYoKICYWAA6JkH-cJAZ4HaKfF5BtcR4vNqc4X4RjGcKgTUnxxfFFnB5z7z3T4ESCjcmjyzWFsiiphN24CEAvqW7ABoXcDUWc-Cl8a73K41-S6Nyjfb5uxA5e1a9L7VNPl6cYz-FBrZWgGwC9ZpeEY7VsbrnGLwFCqrdBN3uNOmf66Yat0cJ3PepWG8_2qeq85vr7CZf_fEq2-oeWcoicViChEznTAq-7dyk5xap1fsWdpddFPa7QVerFBCKRMj0sltBCZhhKxVXNqNeujGsiKK-fCzyxbiuwV9gHfPaSlBQmFwJU5jZ93AxOSYzbKqSRHvXU1aciJUTMzt4hQaGclqNm3ZTuZnyfJ12aKVzMCpa2bLzZxnWxFrmXmI6QoeFhptbvzqZW6VNN3gZVPiGzaFsLMAv-S6Lxk-8QcHFYhLjsGIJJMFAgukji9qGmcBmJxm9BWnUKjAIH9fodYyci5RiqgItZtM6J9qS7jV1jEx0-n3W0hCBiiY6CaXV4zKXVqCdaIDtbOAn7gNwkbzSGXkRU5kPxW06PvYjVSBAPMoDdIjLYiP3K_YuQd1igfGuT3Md41krgH60kCbUAkiUiUA5CMmiBPhAHsmoE5MRKJAMN8iKA9k4EwzoCNVKEBsvEIF8haLBXw4-fPJdG-aL5Do6cCXz85wehUyBbKiYuOdFuQFCvPxDuNxlYIqaaYGPd6NgvEWKAHbEtP6hdX4VcIprsGjoAlVFs4ZhFiPJxJafTXTKJ5TJdZ6th_AREb6ycODKL1EbkmW-aBw8bVpzQcxKPAYyGFHCRKm3Uwzc5DcYcwdNWnJLq8sVRYDJGSFYGKu95bIAhHSJdCFmLllsQW50xQcoxXKQuPBGKMpI6T1jCecAJ91E49XqiCQ0Oj9A4AjMKNwqxBR_4qG-qCyYRXk72gSMhKyzgKjkxITIEKwi_5yVRHyH_FIA8fA6XRWe19mpvsISEMx8zzdT5IlERKn2BihSkK6Ofm4C-IBBvP1f0CB-iD2MHvAwD08ECbwAFFWQxRZu-8SFKe6kjOi-CB57iGjE8Cvy2cBP44X9E3n6f5NBihoExZ0yUYAVKBOr-NJP4Q-TB4ZDhuQv4o7AsC4Z_0UmK7uGKNzAi86UkD-7sB622up76SHigqw4xJAUWooIzn0nptGyFXCCANwSuB2IeA33zeF3wbvYIEE9I2CiehD540sZna27dieuDPG1g3D3GZM_A2WnJVNo_Nu0_q1_v68fO_eXb0ue85ZWS4NU0_GwkevtptNccd-64KFfNa8aq3F5datlOadb2fVNyDu-DwSIZKNmkdIEiElbjOdcqOnY9i7Lm4dpY-ptMyWbc0N5rlGi2o3_1-LJWo9GTdqvFhd619fc7hzeOWWjveH-HXTE-wYgZm5Srgp3I_0yDO5WZ3zjF4dNuL-rBvrJzLX0o1od1TBS2iI-9yWKZmcV05uZ-A3oaXRIjpHSA90GPXkTxoMPaXSbMR7jvXvJGSkxOIOa4Am7LCSgf5WoOf36hb3FDx_3JyM6disvGqnd_Z6NYedShquX1a46r3OovJL2JfmpDyXD82ZlZuNGnNY0aqnD_2YKPtODV6Nr7hH6pzq3yVdwOSN22x2f38HTCbyyTvFDUgnG-_AzqMhN3g_ofxyW9DCt3MoqHZRnMPXCJ2aXvX0dNffvt3q6_w-nyGHT0RCKDI8C_EyGv99LtwqaLpjbIGSUZdvXmUPl9n6G0YUfCJishUWvrwN6utj_oJl9L9IVvXKPInLXYYO-Ve8qNCt214se7qNH2MiVHPP8CzGe_2yW5d0VzAErC0xinFZ3LH0OU-qDOe86MMLX00EHV93hPhOedgR8gzDSgQiEYfDEXu2fzMnid-JiMtNlSeyRAiJiAnhkyASr355TyyNT9yffb7a5-g_W16ZeOQ13xyOTV1k_XIiYmISIhKEIkbew0mk2xvsi966mV3x72OOR8eP97zAgwj68h-YE53qlDj7CpSf_xfQTqPzKF3tveTWjjGjn6e-vnwBXS_n0zPZlpEfHqyn_0Hw1aj2LfDHTuuM1yFKZ-FxdYh5jGRrvOaN2cvXA3x1Q8wfT52ianHJXfMMvckiUIx49Mq-GASBGQjw3xwcs0jdfqo71u2PgeFuK7S_XFKt20MfiIqto8V3cov9aOn0VKftk5NI1B5fMnpx1QDr64ntZ7SYxDU2-0L6JSzL0aiCvwH-TlNQGr5ogJiHnFbcPVdg_f0aD1dNRytOM9ly1kLJylJzkq1bk03Vs27mzGH0obWZ7uRlvS08GDhh4uBhQzvxfCZeBt5r_wukzq385rONOg4eBjyc9VnD4VQfXSmYeuHlK9KY2zw4-hmtpkbZtxmhuugm7OpYCuQXc8iQVpihwkT8BfT-045K6rSrHzoetnI3ccfbILXiTwJPDm7F8dPLz-eva5yAR7Xh9SrVdKKrfk2q1XZ1ay3H29yt_vBlw5JAt0PrnMf419jka0MaeYoycWDwbia51CJIHe9iMjsZeYHcrrKscrAedUdc7Dm8cZhy3bLd_Ff7x7quqmEsqyPtxcn6Ds4gfFMIB0JoHQ42RCcZD_SpSnfo7xDPKf5zmgvQfprsxPMYDWM_8L18r1m99hAs7ytlgTENbFVORp_Z1ygM9fzKpJtqXvRrE3SWpl-jyqw7qSjokVWNKm9VkHc7nsIPNDkGGrzX8LTdOJrkL96jzJWZHywn3fvez9RfIX43JAvmOYY-bphggYL5yamkqB62q03cJdevlDtEZXOWjVeC-7Z2Bm8gNHghcD5-WdvB40pcdep0luVCo8RMPv8Ekx2cnxvv5Oxz2dHFbRIEG8VeHDt3JUAJ9kGGxpZYdchYcZ2TRyogPg3-FdWDyetvvs4Q6lwCCAIANSpwhtEomQHimUQgcQv_L14RD6XuXftGNFvn-tVUOg8p_aVTJJsvuyTx2vogjE_4TfVz93b1xWeu9rjrTdhAmvS8IJ_9Ay9Y59-SrsZMZG74xcaCmJ6ZwF1ilDGFZ2BSvfcpGutEq6yh9OKOez85cT2-P04IZN4cX72UDsLoU-nktsfa3cxY0LBFHC3NIq5tiKIbF8XnwMTFwd6h68ojzVQgLMjhOYoh4QADviA1EjVTgsjL6c0tj_g2n77Nk4mNVMxp3VzTJ_1yiiD40GVqXYQbZ7_DfL2hrjc5FXeY9qNE3IVh3NAmTcMLmwAmxPR-OEDGhQEDJgwV2pJlTkmVysuZuaAR86Valubj0wBzzjYt0sA9Hg5c7dwaL8pLdxENNemrdOPRbEv24-SYJqeA4RBhft5RCzQoWwKlQB-b73cGC3IUXqrH2O2GWK9EPKVM0rA-kszEXxs_0nfjbGIaEoGqoscUykDCGdefFiK4jT2YUdxZB5m7wONYho0DDw_po62ijcFeQohObC63nh5fXsVai7UE0_rc3RFqUcaaWaB_ntIJ1zpOsWH0ZhY1EhPDxcWS4MLFJZmAccL7EJHf4cagG2cIehyuU-jC3fk4aS9caxcXLlbckTefNlKviDDwa0vs-PXghXbuRRKful3XMJk5qLozxtKftmsVfOPzR_384NfJVYN3zxxsVtWAOHUqOp0BYa-PKKO1RzzipwvuWVWLPw0qpby962GEIoo7jKjnZ9OWp-Wbib8NzWtfu0Ug2HQbcW8uCV0X6PFiZ65uxhUrx1x4FEKznBzX0PT0IhhhSN6du_qg8NeTKiyMEyNnR24cwuEV90Y-fDGpmDQWHEIseJ1cblTyR7ok3QrPJn-sS8RPeTHi7PCLvasiWgHVd4LW_y-04tJWiAYg4uJA6-TcNTPGWBVs2Ls3AHrl6qN12OzDrX5ZzR1v1M-M1tdKk7WujtFJSdCIvtVa-Gspv37Ge1_N_nS2MYf89j7iYIOGXl7Eh5B0gv40v-HXi_dMy0NaPO8OOcXajmZEdk6yikoW1hjb4MxgNcSVWF1pXP9zbadg1DM5MSuYCNaq_eY76hLcLVBskWoXWK2YiYBSrmwzNsAewBFjwzAPEE8I0QrFFx3IBRQ7CInwRSN5AXKFwVG8KCEeHpIrh4zG5bnF8pihQbEADAedlIQYckSgecREpKSQI-KsICJCCDkigIHug-9CjhBeeRMI6ESIQlpFIY9ypQsl9NE6azlJyGrj2pKHn_h2h2_-Nn-BV7WIsEQ2rNtqePG-6trdabyqzdt09iww_TahhG-2EyI42HBu1URvdwJ4Xh-WooJu27XG4DnxFXwozsSMarAN-RpD7T7S2MCwTd8OTmuoMDqwOUQYh4zfOEUBofodGqwYeYyoiguK-OBkaStQNBvqTWqKk9V4anoTLKtGM--9ajxEC-9mj6rb0FyNXAN0er7MvgJ_afbGJ-fy6cU1XBFetgWFL4IX-ZFVJK2a_RXWGpvY8Pq4qgph3a9m2WpxYQrxBMnVRlH7y4D6M6p_sRkEjDnUOj_nHbDf657mNP1dU4cYOCaQxaQbyjzdH-3ityGviCyOLVHRBEtuCf3P3MeB7XCH-nrivZubwa_BSAw8rFZBU0nvHnjBnVcd3uhMoldT8e6lA6Bx&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

cec75285d32eb4339a09f7292dfc2c9efd2c2bbcdd36d49ec003aad0df9330c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:15 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1650573195879017-10731701511645434933-man1-1987-d34-man-l7-balancer-8080-BAL-6195
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Thu, 21 Apr 2022 20:33:15 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 21 Apr 2022 20:33:15 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/406261/getBulk/ Frame 3007 3 KB
4 KB 96ms
95ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/406261/getBulk/v2?dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&date=2022-04-21T20%3A33%3A15.864%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=4225441614&pr=3983808701&prr=&pv=20&pw=4&extid_loader=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&extid_tag_loader=habr.com&ylv=0.571603&ybv=0.571603&ytt=116000087474181&is-turbo=0&skip-token=&ad-session-id=2856001650573195811&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1048%2C%22top%22%3A117%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=571603&available-width=300&available-height=600&yaru=true&pp=g&ps=fnps&p2=hnxd&puid1=post&puid2=f_develop%3Af_admin%3Af_popsci&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid4=no&puid5=%2Fru%2Fpost%2F486856%2F&puid6=ru&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&duid=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&pcode-test-ids=571218%2C0%2C53%3B568462%2C0%2C68%3B551984%2C0%2C57%3B568041%2C0%2C44%3B572743%2C0%2C4%3B552090%2C0%2C1%3B564391%2C0%2C62%3B570938%2C0%2C86%3B571036%2C0%2C49%3B571034%2C0%2C95%3B564895%2C0%2C91%3B555795%2C0%2C35%3B406668%2C0%2C96%3B571603%2C0%2C66%3B564283%2C0%2C87%3B565224%2C0%2C93%3B563297%2C0%2C49&pcode-flags-map=eJylV8uO2zYU%2FZXC60FAUtQrO0qibCIUqZCUPU4QEGk7XQVF0U6CAkH%2BvZeSLFuyR56gs5gXfA7v%2B9z7fcMVKyT3pa54af1hJxyXwrrN24%2FfN98%2Bf%2Fn6tHm7cabjm4fN89M%2Fz%2BJ3%2BJuSHMX55senh00lbI%2BveM066bzb8YZ73rTu6KvOMCe0usuVRj1XwyvBfC2ArhAOsNy3RmgjgKtmpdNmxoTeoPCFr9hoz7bXsgNTis45rTxTork2ZnD%2BiiDtCTolam0A9RrIEI1yx9QWgilF%2BQ5CYXS33Xmpt6KccYAvYMnJtJOPM86IpIT0nGOC9m0%2BJmk9nBSnOb4EnqMK6RVu5xvLw5%2BOG9%2BpCr6zovJayeMd4piSMbLMglNq6%2Flj62vJ4JflU94d26vseQgnFIoVhlenDK%2B%2FmUYJjl54885jM2K8ZCXJxDravtOKH1vtIBLeNkxK33JTcrXeCTGiJBrCbfj7jlvn9w0DC41u%2FJFBeB%2B96dYpSBqRwUm70wcvWcHl2YqhSNYZIoRRPjlkO7PnRygWtecGOlJ7xQ%2BeVaXh0AF7Pn5gRrkXFddzTpxkeOK8Qnvgtst2%2BpbkOP8DnFkjCkYJC2UnVK29FOrdunNQdVG8zNZohJYVMPrJNqGgqhWTvtFVJ9eLK45jFKUTcYhRGQIO8Rr70%2FHHO9kHioxeNlunbNe22jiocKlZ6C5bGtE6b03pD8woobZ3ONOYns06zdd%2BpPS%2FMXDW9q20g3r%2FoJXr%2FR0sZkIuSh%2FG3nbxQIay7FUP9Kkq%2Fxf91F2vMPU6FDOq17Z%2FiIycT0kchGJGnUQpPVNbN8zYGzUdp5iiZIZNoSIHLKtq%2FegbSO1eWFEIGQwA5%2Fpgzmie%2Fv1rrhlpFKGTzIyVEixnTXuJe%2F7769MMlkX5CIMpbm3ooiXm%2Bq0JdNPeAkw%2BKD7LxUdo2oSkDyQGpY%2FhR5Zl%2BCGKKc6yBxLlcRR%2BxChNHkhCKY0eCCIQ5dNHIpQnCcBTlCMM8JTS7NNsBucY4dEmbzlXXhcwFPZzMzZPf37%2B9cvTXBkTkg%2F9UQvwBfzfcbHdOa%2FcehhoHI3K%2BIEr4kGEQIq2yhPs30dQArz10SpBTEg%2BDOoWWqR03rgC4g8jjK%2FiUpLHg8Wl7lQ%2FkR93ZhWSpdkotpOI%2BEo3TKg1GOSDRKOyhYEeiqPUTaF93UkJgwjivIrHoERoim1h9DtIDMTVb42o1pFpnCU3DQ4TxhlRrMKhdpLB34OottwFy9uw7qyiIopxes5ocBJWnAp2nGEsrWEpphk6Y09jsNAmtKJhlejsL69kOLLg7eCmZ%2FLAjnYdGZ12tKpuoRBtqxW0sxMN191ccshycFGKoiFSfXyCzNvllnL1Xgw0FwPA8DBxTu%2BFmboOp2lKruGiDtp7COPzXl29wHAyYM9kN8tWhG6jp2Ml1LRQLSQZ5KpZfzvBY9fe3T2W0BghOqwekoN0g3QZEAlmBFsEnCxhY3oXXWg4bAAVrAavbMewoYy5ZsaG%2Fdqxc7lwY0Aw4Lq45IgX%2BkmHvFsLsgktbcUHvl6bCcKjWEyKCgKxF%2FwQ1pp1aJqM0PAMVIWyYYmYlGYVnKIkHsENg7W10ZaJMsTO7lgFezFMk3UCgkddmF0jA5tdn15nbBjple6mjehuc7zwbD%2BAgkC%2FEnyxuB%2BYcLAl9utALQycFEzZAxTtzXs6nqcgowkZz5EWluLhGjmdJqx2fe0bLeWdzQvn2fnYm61sUMvhe8skd3ChK9bMB63sxbjYLuxCFC8dDStM2OALA5IhRe38qMjhLd2VuxlvzaTli%2BilNLrVZ6cjYSgco%2FW8bn97%2FjJ3lqCxbsMwFVUfo362cMkbGK42UDvhen2oji%2BV9FUUE3raOKZNOiyH8Ah89OpIve6IfFwzL7bnn8FjNC4DcA3BWQTTmrX9mQQLyM%2BQ0Ck2I8I3nXSiYEoN982ynJYBTmiWD3N0a1hB7sy89PKz%2FcSaDThM0Nrnb4gojl9A3FqH17ZvlCRJdtbe5bIKwUpQtAhf%2BM%2BPTz%2F%2BA5wUmk8%3D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Hw5iaVmhs2oADusGVhZQzNbS%2B3Ly9xlZG4%2FG1fR0t1smPpIhCAA5gu0WxN0zeAu1sEvNamcWxs6273kzKDyO5RjAC7I%3D&top-ancestor=https%3A%2F%2Fhabr.com&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0NTl9CjOkpJDbOIqBGFDXD7qjn9FD02hE-8o_ZbQQ0duVZhpRXMP7u4qIMrNmwqISUZHxuLBtEyf5mz9-b3g_t-_cviHq1pQ2Rf0G-jyAaxBjVUEzchvRnyZpum4iisaKMagYgxirigEs3XG6W5Ln5KSblaCTuY3d0XXHrmbzi1MMdif3m4fh5mwi7sXugmJyOc2sXZDNDkFp2eZzW5H4LVW3wwUmjCTtEB5Yb7bbYWF3r3HPbeqizgIQFpgsAEYFj5IUuGSLkgTbrOgl66lzsokxUHglGdksXnO6l22johmXCb16PHtgutVoxVlR8ASC6hnnwD3vXk0jMxnF5jN2RUmCU4zCb0bJ9gHH0n1gXFzqdjbOOno1z7nP7saZ6WZNtZke7xJZgNuCs0BABYcFZqck7gcEKguADhOUwwYBFTxUcFmgsEBlAaYPPMAcGGBZUFHBRQVn5IDFAhMVSH2lHGAwUYHGAjFAX65AuxyoLJBRwR7YAHWIQF3uWCBdGlBYoKICYWAA6JkH-cJAZ4HaKfF5BtcR4vNqc4X4RjGcKgTUnxxfFFnB5z7z3T4ESCjcmjyzWFsiiphN24CEAvqW7ABoXcDUWc-Cl8a73K41-S6Nyjfb5uxA5e1a9L7VNPl6cYz-FBrZWgGwC9ZpeEY7VsbrnGLwFCqrdBN3uNOmf66Yat0cJ3PepWG8_2qeq85vr7CZf_fEq2-oeWcoicViChEznTAq-7dyk5xap1fsWdpddFPa7QVerFBCKRMj0sltBCZhhKxVXNqNeujGsiKK-fCzyxbiuwV9gHfPaSlBQmFwJU5jZ93AxOSYzbKqSRHvXU1aciJUTMzt4hQaGclqNm3ZTuZnyfJ12aKVzMCpa2bLzZxnWxFrmXmI6QoeFhptbvzqZW6VNN3gZVPiGzaFsLMAv-S6Lxk-8QcHFYhLjsGIJJMFAgukji9qGmcBmJxm9BWnUKjAIH9fodYyci5RiqgItZtM6J9qS7jV1jEx0-n3W0hCBiiY6CaXV4zKXVqCdaIDtbOAn7gNwkbzSGXkRU5kPxW06PvYjVSBAPMoDdIjLYiP3K_YuQd1igfGuT3Md41krgH60kCbUAkiUiUA5CMmiBPhAHsmoE5MRKJAMN8iKA9k4EwzoCNVKEBsvEIF8haLBXw4-fPJdG-aL5Do6cCXz85wehUyBbKiYuOdFuQFCvPxDuNxlYIqaaYGPd6NgvEWKAHbEtP6hdX4VcIprsGjoAlVFs4ZhFiPJxJafTXTKJ5TJdZ6th_AREb6ycODKL1EbkmW-aBw8bVpzQcxKPAYyGFHCRKm3Uwzc5DcYcwdNWnJLq8sVRYDJGSFYGKu95bIAhHSJdCFmLllsQW50xQcoxXKQuPBGKMpI6T1jCecAJ91E49XqiCQ0Oj9A4AjMKNwqxBR_4qG-qCyYRXk72gSMhKyzgKjkxITIEKwi_5yVRHyH_FIA8fA6XRWe19mpvsISEMx8zzdT5IlERKn2BihSkK6Ofm4C-IBBvP1f0CB-iD2MHvAwD08ECbwAFFWQxRZu-8SFKe6kjOi-CB57iGjE8Cvy2cBP44X9E3n6f5NBihoExZ0yUYAVKBOr-NJP4Q-TB4ZDhuQv4o7AsC4Z_0UmK7uGKNzAi86UkD-7sB622up76SHigqw4xJAUWooIzn0nptGyFXCCANwSuB2IeA33zeF3wbvYIEE9I2CiehD540sZna27dieuDPG1g3D3GZM_A2WnJVNo_Nu0_q1_v68fO_eXb0ue85ZWS4NU0_GwkevtptNccd-64KFfNa8aq3F5datlOadb2fVNyDu-DwSIZKNmkdIEiElbjOdcqOnY9i7Lm4dpY-ptMyWbc0N5rlGi2o3_1-LJWo9GTdqvFhd619fc7hzeOWWjveH-HXTE-wYgZm5Srgp3I_0yDO5WZ3zjF4dNuL-rBvrJzLX0o1od1TBS2iI-9yWKZmcV05uZ-A3oaXRIjpHSA90GPXkTxoMPaXSbMR7jvXvJGSkxOIOa4Am7LCSgf5WoOf36hb3FDx_3JyM6disvGqnd_Z6NYedShquX1a46r3OovJL2JfmpDyXD82ZlZuNGnNY0aqnD_2YKPtODV6Nr7hH6pzq3yVdwOSN22x2f38HTCbyyTvFDUgnG-_AzqMhN3g_ofxyW9DCt3MoqHZRnMPXCJ2aXvX0dNffvt3q6_w-nyGHT0RCKDI8C_EyGv99LtwqaLpjbIGSUZdvXmUPl9n6G0YUfCJishUWvrwN6utj_oJl9L9IVvXKPInLXYYO-Ve8qNCt214se7qNH2MiVHPP8CzGe_2yW5d0VzAErC0xinFZ3LH0OU-qDOe86MMLX00EHV93hPhOedgR8gzDSgQiEYfDEXu2fzMnid-JiMtNlSeyRAiJiAnhkyASr355TyyNT9yffb7a5-g_W16ZeOQ13xyOTV1k_XIiYmISIhKEIkbew0mk2xvsi966mV3x72OOR8eP97zAgwj68h-YE53qlDj7CpSf_xfQTqPzKF3tveTWjjGjn6e-vnwBXS_n0zPZlpEfHqyn_0Hw1aj2LfDHTuuM1yFKZ-FxdYh5jGRrvOaN2cvXA3x1Q8wfT52ianHJXfMMvckiUIx49Mq-GASBGQjw3xwcs0jdfqo71u2PgeFuK7S_XFKt20MfiIqto8V3cov9aOn0VKftk5NI1B5fMnpx1QDr64ntZ7SYxDU2-0L6JSzL0aiCvwH-TlNQGr5ogJiHnFbcPVdg_f0aD1dNRytOM9ly1kLJylJzkq1bk03Vs27mzGH0obWZ7uRlvS08GDhh4uBhQzvxfCZeBt5r_wukzq385rONOg4eBjyc9VnD4VQfXSmYeuHlK9KY2zw4-hmtpkbZtxmhuugm7OpYCuQXc8iQVpihwkT8BfT-045K6rSrHzoetnI3ccfbILXiTwJPDm7F8dPLz-eva5yAR7Xh9SrVdKKrfk2q1XZ1ay3H29yt_vBlw5JAt0PrnMf419jka0MaeYoycWDwbia51CJIHe9iMjsZeYHcrrKscrAedUdc7Dm8cZhy3bLd_Ff7x7quqmEsqyPtxcn6Ds4gfFMIB0JoHQ42RCcZD_SpSnfo7xDPKf5zmgvQfprsxPMYDWM_8L18r1m99hAs7ytlgTENbFVORp_Z1ygM9fzKpJtqXvRrE3SWpl-jyqw7qSjokVWNKm9VkHc7nsIPNDkGGrzX8LTdOJrkL96jzJWZHywn3fvez9RfIX43JAvmOYY-bphggYL5yamkqB62q03cJdevlDtEZXOWjVeC-7Z2Bm8gNHghcD5-WdvB40pcdep0luVCo8RMPv8Ekx2cnxvv5Oxz2dHFbRIEG8VeHDt3JUAJ9kGGxpZYdchYcZ2TRyogPg3-FdWDyetvvs4Q6lwCCAIANSpwhtEomQHimUQgcQv_L14RD6XuXftGNFvn-tVUOg8p_aVTJJsvuyTx2vogjE_4TfVz93b1xWeu9rjrTdhAmvS8IJ_9Ay9Y59-SrsZMZG74xcaCmJ6ZwF1ilDGFZ2BSvfcpGutEq6yh9OKOez85cT2-P04IZN4cX72UDsLoU-nktsfa3cxY0LBFHC3NIq5tiKIbF8XnwMTFwd6h68ojzVQgLMjhOYoh4QADviA1EjVTgsjL6c0tj_g2n77Nk4mNVMxp3VzTJ_1yiiD40GVqXYQbZ7_DfL2hrjc5FXeY9qNE3IVh3NAmTcMLmwAmxPR-OEDGhQEDJgwV2pJlTkmVysuZuaAR86Valubj0wBzzjYt0sA9Hg5c7dwaL8pLdxENNemrdOPRbEv24-SYJqeA4RBhft5RCzQoWwKlQB-b73cGC3IUXqrH2O2GWK9EPKVM0rA-kszEXxs_0nfjbGIaEoGqoscUykDCGdefFiK4jT2YUdxZB5m7wONYho0DDw_po62ijcFeQohObC63nh5fXsVai7UE0_rc3RFqUcaaWaB_ntIJ1zpOsWH0ZhY1EhPDxcWS4MLFJZmAccL7EJHf4cagG2cIehyuU-jC3fk4aS9caxcXLlbckTefNlKviDDwa0vs-PXghXbuRRKful3XMJk5qLozxtKftmsVfOPzR_384NfJVYN3zxxsVtWAOHUqOp0BYa-PKKO1RzzipwvuWVWLPw0qpby962GEIoo7jKjnZ9OWp-Wbib8NzWtfu0Ug2HQbcW8uCV0X6PFiZ65uxhUrx1x4FEKznBzX0PT0IhhhSN6du_qg8NeTKiyMEyNnR24cwuEV90Y-fDGpmDQWHEIseJ1cblTyR7ok3QrPJn-sS8RPeTHi7PCLvasiWgHVd4LW_y-04tJWiAYg4uJA6-TcNTPGWBVs2Ls3AHrl6qN12OzDrX5ZzR1v1M-M1tdKk7WujtFJSdCIvtVa-Gspv37Ge1_N_nS2MYf89j7iYIOGXl7Eh5B0gv40v-HXi_dMy0NaPO8OOcXajmZEdk6yikoW1hjb4MxgNcSVWF1pXP9zbadg1DM5MSuYCNaq_eY76hLcLVBskWoXWK2YiYBSrmwzNsAewBFjwzAPEE8I0QrFFx3IBRQ7CInwRSN5AXKFwVG8KCEeHpIrh4zG5bnF8pihQbEADAedlIQYckSgecREpKSQI-KsICJCCDkigIHug-9CjhBeeRMI6ESIQlpFIY9ypQsl9NE6azlJyGrj2pKHn_h2h2_-Nn-BV7WIsEQ2rNtqePG-6trdabyqzdt09iww_TahhG-2EyI42HBu1URvdwJ4Xh-WooJu27XG4DnxFXwozsSMarAN-RpD7T7S2MCwTd8OTmuoMDqwOUQYh4zfOEUBofodGqwYeYyoiguK-OBkaStQNBvqTWqKk9V4anoTLKtGM--9ajxEC-9mj6rb0FyNXAN0er7MvgJ_afbGJ-fy6cU1XBFetgWFL4IX-ZFVJK2a_RXWGpvY8Pq4qgph3a9m2WpxYQrxBMnVRlH7y4D6M6p_sRkEjDnUOj_nHbDf657mNP1dU4cYOCaQxaQbyjzdH-3ityGviCyOLVHRBEtuCf3P3MeB7XCH-nrivZubwa_BSAw8rFZBU0nvHnjBnVcd3uhMoldT8e6lA6Bx&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

72e1cac04cbac920478213c6ae3fea5b66ac1749b8c5d5dd4bd9140af3902a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:15 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1650573195911131-6675954134315637553-man1-1987-d34-man-l7-balancer-8080-BAL-8464
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Thu, 21 Apr 2022 20:33:15 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 21 Apr 2022 20:33:15 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/406261/getBulk/ Frame 3007 3 KB
3 KB 97ms
96ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/406261/getBulk/v2?dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&date=2022-04-21T20%3A33%3A15.878%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=156843320&pr=3983808701&prr=&pv=20&pw=4&extid_loader=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&extid_tag_loader=habr.com&ylv=0.571603&ybv=0.571603&ytt=116000087474181&is-turbo=0&skip-token=&ad-session-id=2856001650573195811&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A250%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1048%2C%22top%22%3A404%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=571603&available-width=300&available-height=250&yaru=true&pp=i&ps=fnps&p2=hnxg&puid1=post&puid2=f_develop%3Af_admin%3Af_popsci&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid4=no&puid5=%2Fru%2Fpost%2F486856%2F&puid6=ru&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&duid=MTY1MDU3MzE5NjEzNTYzOTU4OA%3D%3D&pcode-test-ids=571218%2C0%2C53%3B568462%2C0%2C68%3B551984%2C0%2C57%3B568041%2C0%2C44%3B572743%2C0%2C4%3B552090%2C0%2C1%3B564391%2C0%2C62%3B570938%2C0%2C86%3B571036%2C0%2C49%3B571034%2C0%2C95%3B564895%2C0%2C91%3B555795%2C0%2C35%3B406668%2C0%2C96%3B571603%2C0%2C66%3B564283%2C0%2C87%3B565224%2C0%2C93%3B563297%2C0%2C49&pcode-flags-map=eJylV8uO2zYU%2FZXC60FAUtQrO0qibCIUqZCUPU4QEGk7XQVF0U6CAkH%2BvZeSLFuyR56gs5gXfA7v%2B9z7fcMVKyT3pa54af1hJxyXwrrN24%2FfN98%2Bf%2Fn6tHm7cabjm4fN89M%2Fz%2BJ3%2BJuSHMX55senh00lbI%2BveM066bzb8YZ73rTu6KvOMCe0usuVRj1XwyvBfC2ArhAOsNy3RmgjgKtmpdNmxoTeoPCFr9hoz7bXsgNTis45rTxTork2ZnD%2BiiDtCTolam0A9RrIEI1yx9QWgilF%2BQ5CYXS33Xmpt6KccYAvYMnJtJOPM86IpIT0nGOC9m0%2BJmk9nBSnOb4EnqMK6RVu5xvLw5%2BOG9%2BpCr6zovJayeMd4piSMbLMglNq6%2Flj62vJ4JflU94d26vseQgnFIoVhlenDK%2B%2FmUYJjl54885jM2K8ZCXJxDravtOKH1vtIBLeNkxK33JTcrXeCTGiJBrCbfj7jlvn9w0DC41u%2FJFBeB%2B96dYpSBqRwUm70wcvWcHl2YqhSNYZIoRRPjlkO7PnRygWtecGOlJ7xQ%2BeVaXh0AF7Pn5gRrkXFddzTpxkeOK8Qnvgtst2%2BpbkOP8DnFkjCkYJC2UnVK29FOrdunNQdVG8zNZohJYVMPrJNqGgqhWTvtFVJ9eLK45jFKUTcYhRGQIO8Rr70%2FHHO9kHioxeNlunbNe22jiocKlZ6C5bGtE6b03pD8woobZ3ONOYns06zdd%2BpPS%2FMXDW9q20g3r%2FoJXr%2FR0sZkIuSh%2FG3nbxQIay7FUP9Kkq%2Fxf91F2vMPU6FDOq17Z%2FiIycT0kchGJGnUQpPVNbN8zYGzUdp5iiZIZNoSIHLKtq%2FegbSO1eWFEIGQwA5%2Fpgzmie%2Fv1rrhlpFKGTzIyVEixnTXuJe%2F7769MMlkX5CIMpbm3ooiXm%2Bq0JdNPeAkw%2BKD7LxUdo2oSkDyQGpY%2FhR5Zl%2BCGKKc6yBxLlcRR%2BxChNHkhCKY0eCCIQ5dNHIpQnCcBTlCMM8JTS7NNsBucY4dEmbzlXXhcwFPZzMzZPf37%2B9cvTXBkTkg%2F9UQvwBfzfcbHdOa%2FcehhoHI3K%2BIEr4kGEQIq2yhPs30dQArz10SpBTEg%2BDOoWWqR03rgC4g8jjK%2FiUpLHg8Wl7lQ%2FkR93ZhWSpdkotpOI%2BEo3TKg1GOSDRKOyhYEeiqPUTaF93UkJgwjivIrHoERoim1h9DtIDMTVb42o1pFpnCU3DQ4TxhlRrMKhdpLB34OottwFy9uw7qyiIopxes5ocBJWnAp2nGEsrWEpphk6Y09jsNAmtKJhlejsL69kOLLg7eCmZ%2FLAjnYdGZ12tKpuoRBtqxW0sxMN191ccshycFGKoiFSfXyCzNvllnL1Xgw0FwPA8DBxTu%2BFmboOp2lKruGiDtp7COPzXl29wHAyYM9kN8tWhG6jp2Ml1LRQLSQZ5KpZfzvBY9fe3T2W0BghOqwekoN0g3QZEAlmBFsEnCxhY3oXXWg4bAAVrAavbMewoYy5ZsaG%2Fdqxc7lwY0Aw4Lq45IgX%2BkmHvFsLsgktbcUHvl6bCcKjWEyKCgKxF%2FwQ1pp1aJqM0PAMVIWyYYmYlGYVnKIkHsENg7W10ZaJMsTO7lgFezFMk3UCgkddmF0jA5tdn15nbBjple6mjehuc7zwbD%2BAgkC%2FEnyxuB%2BYcLAl9utALQycFEzZAxTtzXs6nqcgowkZz5EWluLhGjmdJqx2fe0bLeWdzQvn2fnYm61sUMvhe8skd3ChK9bMB63sxbjYLuxCFC8dDStM2OALA5IhRe38qMjhLd2VuxlvzaTli%2BilNLrVZ6cjYSgco%2FW8bn97%2FjJ3lqCxbsMwFVUfo362cMkbGK42UDvhen2oji%2BV9FUUE3raOKZNOiyH8Ah89OpIve6IfFwzL7bnn8FjNC4DcA3BWQTTmrX9mQQLyM%2BQ0Ck2I8I3nXSiYEoN982ynJYBTmiWD3N0a1hB7sy89PKz%2FcSaDThM0Nrnb4gojl9A3FqH17ZvlCRJdtbe5bIKwUpQtAhf%2BM%2BPTz%2F%2BA5wUmk8%3D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=Hw5iaVmhs2oADusGVhZQzNbS%2B3Ly9xlZG4%2FG1fR0t1smPpIhCAA5gu0WxN0zeAu1sEvNamcWxs6273kzKDyO5RjAC7I%3D&top-ancestor=https%3A%2F%2Fhabr.com&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0NTl9CjOkpJDbOIqBGFDXD7qjn9FD02hE-8o_ZbQQ0duVZhpRXMP7u4qIMrNmwqISUZHxuLBtEyf5mz9-b3g_t-_cviHq1pQ2Rf0G-jyAaxBjVUEzchvRnyZpum4iisaKMagYgxirigEs3XG6W5Ln5KSblaCTuY3d0XXHrmbzi1MMdif3m4fh5mwi7sXugmJyOc2sXZDNDkFp2eZzW5H4LVW3wwUmjCTtEB5Yb7bbYWF3r3HPbeqizgIQFpgsAEYFj5IUuGSLkgTbrOgl66lzsokxUHglGdksXnO6l22johmXCb16PHtgutVoxVlR8ASC6hnnwD3vXk0jMxnF5jN2RUmCU4zCb0bJ9gHH0n1gXFzqdjbOOno1z7nP7saZ6WZNtZke7xJZgNuCs0BABYcFZqck7gcEKguADhOUwwYBFTxUcFmgsEBlAaYPPMAcGGBZUFHBRQVn5IDFAhMVSH2lHGAwUYHGAjFAX65AuxyoLJBRwR7YAHWIQF3uWCBdGlBYoKICYWAA6JkH-cJAZ4HaKfF5BtcR4vNqc4X4RjGcKgTUnxxfFFnB5z7z3T4ESCjcmjyzWFsiiphN24CEAvqW7ABoXcDUWc-Cl8a73K41-S6Nyjfb5uxA5e1a9L7VNPl6cYz-FBrZWgGwC9ZpeEY7VsbrnGLwFCqrdBN3uNOmf66Yat0cJ3PepWG8_2qeq85vr7CZf_fEq2-oeWcoicViChEznTAq-7dyk5xap1fsWdpddFPa7QVerFBCKRMj0sltBCZhhKxVXNqNeujGsiKK-fCzyxbiuwV9gHfPaSlBQmFwJU5jZ93AxOSYzbKqSRHvXU1aciJUTMzt4hQaGclqNm3ZTuZnyfJ12aKVzMCpa2bLzZxnWxFrmXmI6QoeFhptbvzqZW6VNN3gZVPiGzaFsLMAv-S6Lxk-8QcHFYhLjsGIJJMFAgukji9qGmcBmJxm9BWnUKjAIH9fodYyci5RiqgItZtM6J9qS7jV1jEx0-n3W0hCBiiY6CaXV4zKXVqCdaIDtbOAn7gNwkbzSGXkRU5kPxW06PvYjVSBAPMoDdIjLYiP3K_YuQd1igfGuT3Md41krgH60kCbUAkiUiUA5CMmiBPhAHsmoE5MRKJAMN8iKA9k4EwzoCNVKEBsvEIF8haLBXw4-fPJdG-aL5Do6cCXz85wehUyBbKiYuOdFuQFCvPxDuNxlYIqaaYGPd6NgvEWKAHbEtP6hdX4VcIprsGjoAlVFs4ZhFiPJxJafTXTKJ5TJdZ6th_AREb6ycODKL1EbkmW-aBw8bVpzQcxKPAYyGFHCRKm3Uwzc5DcYcwdNWnJLq8sVRYDJGSFYGKu95bIAhHSJdCFmLllsQW50xQcoxXKQuPBGKMpI6T1jCecAJ91E49XqiCQ0Oj9A4AjMKNwqxBR_4qG-qCyYRXk72gSMhKyzgKjkxITIEKwi_5yVRHyH_FIA8fA6XRWe19mpvsISEMx8zzdT5IlERKn2BihSkK6Ofm4C-IBBvP1f0CB-iD2MHvAwD08ECbwAFFWQxRZu-8SFKe6kjOi-CB57iGjE8Cvy2cBP44X9E3n6f5NBihoExZ0yUYAVKBOr-NJP4Q-TB4ZDhuQv4o7AsC4Z_0UmK7uGKNzAi86UkD-7sB622up76SHigqw4xJAUWooIzn0nptGyFXCCANwSuB2IeA33zeF3wbvYIEE9I2CiehD540sZna27dieuDPG1g3D3GZM_A2WnJVNo_Nu0_q1_v68fO_eXb0ue85ZWS4NU0_GwkevtptNccd-64KFfNa8aq3F5datlOadb2fVNyDu-DwSIZKNmkdIEiElbjOdcqOnY9i7Lm4dpY-ptMyWbc0N5rlGi2o3_1-LJWo9GTdqvFhd619fc7hzeOWWjveH-HXTE-wYgZm5Srgp3I_0yDO5WZ3zjF4dNuL-rBvrJzLX0o1od1TBS2iI-9yWKZmcV05uZ-A3oaXRIjpHSA90GPXkTxoMPaXSbMR7jvXvJGSkxOIOa4Am7LCSgf5WoOf36hb3FDx_3JyM6disvGqnd_Z6NYedShquX1a46r3OovJL2JfmpDyXD82ZlZuNGnNY0aqnD_2YKPtODV6Nr7hH6pzq3yVdwOSN22x2f38HTCbyyTvFDUgnG-_AzqMhN3g_ofxyW9DCt3MoqHZRnMPXCJ2aXvX0dNffvt3q6_w-nyGHT0RCKDI8C_EyGv99LtwqaLpjbIGSUZdvXmUPl9n6G0YUfCJishUWvrwN6utj_oJl9L9IVvXKPInLXYYO-Ve8qNCt214se7qNH2MiVHPP8CzGe_2yW5d0VzAErC0xinFZ3LH0OU-qDOe86MMLX00EHV93hPhOedgR8gzDSgQiEYfDEXu2fzMnid-JiMtNlSeyRAiJiAnhkyASr355TyyNT9yffb7a5-g_W16ZeOQ13xyOTV1k_XIiYmISIhKEIkbew0mk2xvsi966mV3x72OOR8eP97zAgwj68h-YE53qlDj7CpSf_xfQTqPzKF3tveTWjjGjn6e-vnwBXS_n0zPZlpEfHqyn_0Hw1aj2LfDHTuuM1yFKZ-FxdYh5jGRrvOaN2cvXA3x1Q8wfT52ianHJXfMMvckiUIx49Mq-GASBGQjw3xwcs0jdfqo71u2PgeFuK7S_XFKt20MfiIqto8V3cov9aOn0VKftk5NI1B5fMnpx1QDr64ntZ7SYxDU2-0L6JSzL0aiCvwH-TlNQGr5ogJiHnFbcPVdg_f0aD1dNRytOM9ly1kLJylJzkq1bk03Vs27mzGH0obWZ7uRlvS08GDhh4uBhQzvxfCZeBt5r_wukzq385rONOg4eBjyc9VnD4VQfXSmYeuHlK9KY2zw4-hmtpkbZtxmhuugm7OpYCuQXc8iQVpihwkT8BfT-045K6rSrHzoetnI3ccfbILXiTwJPDm7F8dPLz-eva5yAR7Xh9SrVdKKrfk2q1XZ1ay3H29yt_vBlw5JAt0PrnMf419jka0MaeYoycWDwbia51CJIHe9iMjsZeYHcrrKscrAedUdc7Dm8cZhy3bLd_Ff7x7quqmEsqyPtxcn6Ds4gfFMIB0JoHQ42RCcZD_SpSnfo7xDPKf5zmgvQfprsxPMYDWM_8L18r1m99hAs7ytlgTENbFVORp_Z1ygM9fzKpJtqXvRrE3SWpl-jyqw7qSjokVWNKm9VkHc7nsIPNDkGGrzX8LTdOJrkL96jzJWZHywn3fvez9RfIX43JAvmOYY-bphggYL5yamkqB62q03cJdevlDtEZXOWjVeC-7Z2Bm8gNHghcD5-WdvB40pcdep0luVCo8RMPv8Ekx2cnxvv5Oxz2dHFbRIEG8VeHDt3JUAJ9kGGxpZYdchYcZ2TRyogPg3-FdWDyetvvs4Q6lwCCAIANSpwhtEomQHimUQgcQv_L14RD6XuXftGNFvn-tVUOg8p_aVTJJsvuyTx2vogjE_4TfVz93b1xWeu9rjrTdhAmvS8IJ_9Ay9Y59-SrsZMZG74xcaCmJ6ZwF1ilDGFZ2BSvfcpGutEq6yh9OKOez85cT2-P04IZN4cX72UDsLoU-nktsfa3cxY0LBFHC3NIq5tiKIbF8XnwMTFwd6h68ojzVQgLMjhOYoh4QADviA1EjVTgsjL6c0tj_g2n77Nk4mNVMxp3VzTJ_1yiiD40GVqXYQbZ7_DfL2hrjc5FXeY9qNE3IVh3NAmTcMLmwAmxPR-OEDGhQEDJgwV2pJlTkmVysuZuaAR86Valubj0wBzzjYt0sA9Hg5c7dwaL8pLdxENNemrdOPRbEv24-SYJqeA4RBhft5RCzQoWwKlQB-b73cGC3IUXqrH2O2GWK9EPKVM0rA-kszEXxs_0nfjbGIaEoGqoscUykDCGdefFiK4jT2YUdxZB5m7wONYho0DDw_po62ijcFeQohObC63nh5fXsVai7UE0_rc3RFqUcaaWaB_ntIJ1zpOsWH0ZhY1EhPDxcWS4MLFJZmAccL7EJHf4cagG2cIehyuU-jC3fk4aS9caxcXLlbckTefNlKviDDwa0vs-PXghXbuRRKful3XMJk5qLozxtKftmsVfOPzR_384NfJVYN3zxxsVtWAOHUqOp0BYa-PKKO1RzzipwvuWVWLPw0qpby962GEIoo7jKjnZ9OWp-Wbib8NzWtfu0Ug2HQbcW8uCV0X6PFiZ65uxhUrx1x4FEKznBzX0PT0IhhhSN6du_qg8NeTKiyMEyNnR24cwuEV90Y-fDGpmDQWHEIseJ1cblTyR7ok3QrPJn-sS8RPeTHi7PCLvasiWgHVd4LW_y-04tJWiAYg4uJA6-TcNTPGWBVs2Ls3AHrl6qN12OzDrX5ZzR1v1M-M1tdKk7WujtFJSdCIvtVa-Gspv37Ge1_N_nS2MYf89j7iYIOGXl7Eh5B0gv40v-HXi_dMy0NaPO8OOcXajmZEdk6yikoW1hjb4MxgNcSVWF1pXP9zbadg1DM5MSuYCNaq_eY76hLcLVBskWoXWK2YiYBSrmwzNsAewBFjwzAPEE8I0QrFFx3IBRQ7CInwRSN5AXKFwVG8KCEeHpIrh4zG5bnF8pihQbEADAedlIQYckSgecREpKSQI-KsICJCCDkigIHug-9CjhBeeRMI6ESIQlpFIY9ypQsl9NE6azlJyGrj2pKHn_h2h2_-Nn-BV7WIsEQ2rNtqePG-6trdabyqzdt09iww_TahhG-2EyI42HBu1URvdwJ4Xh-WooJu27XG4DnxFXwozsSMarAN-RpD7T7S2MCwTd8OTmuoMDqwOUQYh4zfOEUBofodGqwYeYyoiguK-OBkaStQNBvqTWqKk9V4anoTLKtGM--9ajxEC-9mj6rb0FyNXAN0er7MvgJ_afbGJ-fy6cU1XBFetgWFL4IX-ZFVJK2a_RXWGpvY8Pq4qgph3a9m2WpxYQrxBMnVRlH7y4D6M6p_sRkEjDnUOj_nHbDf657mNP1dU4cYOCaQxaQbyjzdH-3ityGviCyOLVHRBEtuCf3P3MeB7XCH-nrivZubwa_BSAw8rFZBU0nvHnjBnVcd3uhMoldT8e6lA6Bx&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

88330ef49d352da28851222344e04d6c4b0100f94c125dad94175dec1f573464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:15 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1650573195911515-12342214976971247305-man1-1987-d34-man-l7-balancer-8080-BAL-4508
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Thu, 21 Apr 2022 20:33:15 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 21 Apr 2022 20:33:15 GMT

OPTIONS
H/1.1 200
OK a
effect.habr.com/ Frame 0
0 161ms
42ms Preflight
text/html 178.248.233.33
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://effect.habr.com/a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.233.33 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

habr.com

Software

QRATOR /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: SEARCH
Origin: https://habr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Methods: POST, SEARCH
Access-Control-Allow-Origin: https://habr.com
Access-Control-Max-Age: 86400
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Apr 2022 20:33:16 GMT
Keep-Alive: timeout=15
Server: QRATOR
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Request-Geoip-Country-Code: DE
expires: -1
pragma: no-cache

GET
H2

200

1 Show response
mc.yandex.com/watch/24049213/
Redirect Chain

https://mc.yandex.com/watch/24049213?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%...
https://mc.yandex.com/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Ae...

371 B
525 B

32ms
31ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1173303332869%3Ahid%3A627260188%3Az%3A0%3Ai%3A20220421203315%3Aet%3A1650573196%3Ac%3A1%3Arn%3A1018729449%3Au%3A1650573196135639588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650573194841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650573196%3At%3AFull%20disclosure%3A%200day%20vulnerability%20%28backdoor%29%20in%20firmware%20for%20Xiaongmai-based%20DVRs%2C%20NVRs%20and%20IP%20cameras%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

37712c1f122ea1e3c967df27fd2926d373d0a79501d3a6c30a99727003cf3c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 21-Apr-2022 20:33:16 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 371
x-xss-protection: 1; mode=block
expires: Thu, 21-Apr-2022 20:33:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:15 GMT
last-modified: Thu, 21-Apr-2022 20:33:15 GMT
location: /watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1173303332869%3Ahid%3A627260188%3Az%3A0%3Ai%3A20220421203315%3Aet%3A1650573196%3Ac%3A1%3Arn%3A1018729449%3Au%3A1650573196135639588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650573194841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650573196%3At%3AFull%20disclosure%3A%200day%20vulnerability%20%28backdoor%29%20in%20firmware%20for%20Xiaongmai-based%20DVRs%2C%20NVRs%20and%20IP%20cameras%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 21-Apr-2022 20:33:15 GMT

GET
H2 200 49b785d023b5d0b4cfeb.js Show response
yastatic.net/partner-code-bundles/571603/ 37 KB
10 KB 30ms
30ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/571603/49b785d023b5d0b4cfeb.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

51fe4b00fd4c56f1fdd02998ad853b583d30f1a21fde1df0acb2da79372ac91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://habr.com/ru/post/486856/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10157
last-modified: Tue, 19 Apr 2022 14:38:38 GMT
server: nginx/1.17.9
etag: "3a3d76c20383b245953f0c5b07459fe5"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2052 03:07:22 GMT

GET
H2 200 roxot-manager.js Show response
cdn-plus.roxot-panel.com/roxot-wrapper/js/ 3 KB
1 KB 52ms
10ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-plus.roxot-panel.com/roxot-wrapper/js/roxot-manager.js?pid=c427193e-c45c-4b31-b9de-0d5bc41115fd
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/571603/91b66302c53a16b3867d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 18e801f26d49ff58918904ebcfbb21eae63853147da1fa4d14f7c0f67d6e38d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2022-04-21T20:33:10+00:00
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600, public, s-maxage=600
x-envoy-upstream-service-time: 48
cache: HIT

GET
H2 204 event
ads.adfox.ru/406261/ 0
18 B 165ms
65ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/406261/event?pm=cyz&rand=jgybsfz&duid=1650573196135639588&ad-session-id=2856001650573195811&p5=lenpy&dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&utg=oxum&lts=fixyqil&rtb-si=b&ytt=116000087474181&hash=f5ecbb4cafe2c46c&ybv=0.571603&ylv=0.571603&rqs=i393BPzVhAmLv2Fi4fNS7EnhHCLp10_H&puid6=ru&puid5=%2Fru%2Fpost%2F486856%2F&puid4=no&p2=hnxd&pr=mxhtwdp&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid2=f_develop%3Af_admin%3Af_popsci&sj=L2jiJGGaxuJuw3BsMvVlTw1GLoiOshTlLonqgXuXgWqW5v5W5ptwA51CZTe8&puid1=post&p1=csxvg

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2022 20:33:16 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/406261/ 0
18 B 171ms
73ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/406261/event?pm=cyz&rand=lzqphfx&duid=1650573196135639588&ad-session-id=2856001650573195811&p5=leact&dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&utg=oxum&lts=fixyqil&rtb-si=b&ytt=116000087474181&hash=7d4d528eb9710810&ybv=0.571603&ylv=0.571603&rqs=i8f9vlm44wmLv2FiA0jSyWkMBK8_YfS_&puid6=ru&puid5=%2Fru%2Fpost%2F486856%2F&puid4=no&p2=hnxg&pr=mxhtwdp&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid2=f_develop%3Af_admin%3Af_popsci&sj=g1UJndOQSZs4_YoiiZ65xV6A9k91ZbiOVfQeDejYm-O1JuPwDvwmiqKryvHp&puid1=post&p1=csxvp

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2022 20:33:16 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/406261/ 0
230 B 158ms
63ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/406261/event?pm=cyz&rand=lzfyted&duid=1650573196135639588&ad-session-id=2856001650573195811&p5=leknf&dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&utg=oxum&lts=fixyqil&rtb-si=b&ytt=116000087474181&hash=6eb9930511d96432&ybv=0.571603&ylv=0.571603&rqs=i3eIvcD08HmLv2FiHB1K5PUgp7Y_usQx&puid6=ru&puid5=%2Fru%2Fpost%2F486856%2F&puid4=no&p2=hnyb&pr=mxhtwdp&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid2=f_develop%3Af_admin%3Af_popsci&sj=oFzlPuBIU6o2d8j0LwzsFAr7BXhsEx_9mZDjkWPTzyG0SuLMKYUWosf1S8vgBg%3D%3D&puid1=post&p1=cszzv

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2022 20:33:16 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3

200

play-button_25b6-fe0f.png
hsto.org/getpro/effect/d40/1a7/dc1/b1d/d93/821cf9fc4b5ca4f917f4d08d0/
Redirect Chain

https://effect.habr.com/a/Q6prxG3zMXDUpGZ2nb9x4yLh4RlCl559vdFPrDz0GhrbUaIkqjRtjiAsjRIbeEtIyORruiyWWmFbWD5I1g1Z1w7YL2u9yRZ698SCpqrcBdMMs_-i-v_j_U8Lsr-beOoX5FeK74KhnOVMcs0VWNSQ3OIgX0_jqmL8bCdmQx_LFeN...
https://habrastorage.org/getpro/effect/d40/1a7/dc1/b1d/d93/821cf9fc4b5ca4f917f4d08d0/play-button_25b6-fe0f.png
https://hsto.org/getpro/effect/d40/1a7/dc1/b1d/d93/821cf9fc4b5ca4f917f4d08d0/play-button_25b6-fe0f.png

9 KB
9 KB

33ms
32ms

Image
image/png

2606:4700:20::681a:da1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/effect/d40/1a7/dc1/b1d/d93/821cf9fc4b5ca4f917f4d08d0/play-button_25b6-fe0f.png
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Server: 2606:4700:20::681a:da1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ede6976501513db0e5ca2050a085c96cd8d8e56c7f506b61b31c91500c633ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8705
last-modified: Mon, 18 Apr 2022 10:40:56 GMT
server: cloudflare
etag: "625d4038-2201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgOVvQBIkpVoLmrg53GAvxtiR5aL3fjkWY1e9zGKfjVwCsefowUNwHHe8uvh3a4uctNgNW8vRHscJ2K1T0kQKb0zZoRv%2BgpS0KjLUH6x%2B1zTWWKwZiiwFDGA3A%2BzfUIP8lbpiHVn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public, proxy-revalidate
accept-ranges: bytes
cf-ray: 6ff8e4cc6c805c02-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://hsto.org/getpro/effect/d40/1a7/dc1/b1d/d93/821cf9fc4b5ca4f917f4d08d0/play-button_25b6-fe0f.png
date: Thu, 21 Apr 2022 20:33:16 GMT
server: nginx
content-length: 138
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html

GET
H2 200 chunk-2d21042a.ad341f9d.js Show response
assets.habr.com/habr-web/js/ 678 B
776 B 64ms
63ms Script
application/javascript 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/js/chunk-2d21042a.ad341f9d.js

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/app.35cd4037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

2c533d4c42ceea0c4b4edf0a0969b5281164b0a8e17aeac43ccc0a3618babbed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:20 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 01:14:49 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"625e0d09-2a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK a Show response
effect.habr.com/ 32 B
530 B 99ms
99ms XHR
application/json 178.248.233.33
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://effect.habr.com/a

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.233.33 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

habr.com

Software

QRATOR /

Resource Hash

53e7dc5da3e94b0b64feef602b3251fa45e974526e70502b7bb19df504ece774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Server: QRATOR
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://habr.com
Cache-Control: private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
expires: -1

GET
H2

200

1.png
hsto.org/getpro/effect/4fd/350/138/6df/395/dce51611dd555dbcf64c972e7/
Redirect Chain

https://effect.habr.com/a/vNfyJQgxJ_qJbkxGY3HJ66hV8PDkvbPpbqKmBYH-Ee46HP5hAn-uxKZZlLGnNdeiO6c3i9pDuQ54rmYYrhjL0fUokYMoSARXRHWx5wL878BRx3GNE60pgefBCdO-IDrqGPKv8fjTSnCZq066w78xU_fN4MqVfPNO4WX8uuNuMrJ...
https://habrastorage.org/getpro/effect/4fd/350/138/6df/395/dce51611dd555dbcf64c972e7/1.png
https://hsto.org/getpro/effect/4fd/350/138/6df/395/dce51611dd555dbcf64c972e7/1.png

48 KB
48 KB

23ms
23ms

Image
image/png

2606:4700:20::681a:da1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/effect/4fd/350/138/6df/395/dce51611dd555dbcf64c972e7/1.png
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H2
Server: 2606:4700:20::681a:da1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57faa50a9d2050a565de88e4e50c44ec20853891675b7fa95cb35966b1abdd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45776
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49028
last-modified: Thu, 17 Feb 2022 10:07:38 GMT
server: cloudflare
etag: "620e1e6a-bf84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKejQybYjJYauV0gGrHzkM5CxtHyokrZs09vvpyQavHVPpaYaLwivnQZsv%2BG1nb1TwMlboGjzzzYm5Moin1y%2B%2F7ZYeRvJ%2BNCnuBr6KdPVET%2FeSYll3p0gYDy5puhzM4Y%2ByltnuMf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public, proxy-revalidate
accept-ranges: bytes
cf-ray: 6ff8e4cc1b05916b-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://hsto.org/getpro/effect/4fd/350/138/6df/395/dce51611dd555dbcf64c972e7/1.png
date: Thu, 21 Apr 2022 20:33:16 GMT
server: nginx
content-length: 138
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html

GET
H3

200

promo460296.png
hsto.org/getpro/effect/14d/f1d/00c/3ab/47f/739934c2cdd1efe700757d067/
Redirect Chain

https://effect.habr.com/a/faiREZJxL9ZFYYWWt0E8m3FlsmTV0t7ptAOs2WTulotXHi5WRh3Jvu_tIf-U0Lu8j0N1jnztf5XuCFW6NEYAOvTbt42Jtlb2y7uLasoteeb-J5p0YLpk5W66iL_ducE1ivX1V-a98fSw0khQozcGam4qmH8Z7LfaTz6whQ5GphF...
https://habrastorage.org/getpro/effect/14d/f1d/00c/3ab/47f/739934c2cdd1efe700757d067/promo460296.png
https://hsto.org/getpro/effect/14d/f1d/00c/3ab/47f/739934c2cdd1efe700757d067/promo460296.png

22 KB
22 KB

28ms
27ms

Image
image/png

2606:4700:20::681a:da1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/effect/14d/f1d/00c/3ab/47f/739934c2cdd1efe700757d067/promo460296.png
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Server: 2606:4700:20::681a:da1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074751e65cde4fc96246c58b15eeff1f44029e8efd1719cb287e2491a4423f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 900776
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22254
last-modified: Mon, 11 Apr 2022 10:20:19 GMT
server: cloudflare
etag: "625400e3-56ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9%2BfmDcOzqJydCQYTV66UUYgY9d1TI1bLCiLlzNjsc7p%2BxfPrBrJ44X1%2F5U0pnoekiaR4nhaAQfr0Kw%2FWxuvXQIFmvnVc2K37nZKt%2F8vksuXNZnAYL7OKiK6AObEr9RBqy%2FoJEp2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public, proxy-revalidate
accept-ranges: bytes
cf-ray: 6ff8e4cc4c445c02-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://hsto.org/getpro/effect/14d/f1d/00c/3ab/47f/739934c2cdd1efe700757d067/promo460296.png
date: Thu, 21 Apr 2022 20:33:16 GMT
server: nginx
content-length: 138
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html

GET
H2

200

2022-02-0807.59.04.jpg
hsto.org/getpro/effect/187/af6/e4d/e45/a0f/31320f9d6d20d5f711864c282/
Redirect Chain

https://effect.habr.com/a/Wjep9FPtwpdIKX89YODheUcbiJTnJK4dzS-RJTXVcoK1vYeWKltEjTtwlXDtnZQveb0DPgivhdta0JssogriYmi8oi2JOqwGT_YNWzLJSsHzhBFfHXnGQPB9OI2dLwuF9eEVXGEapUuEqpz26kD6GI45bd5TbOHM8PvPvT3Cxcv...
https://habrastorage.org/getpro/effect/187/af6/e4d/e45/a0f/31320f9d6d20d5f711864c282/2022-02-0807.59.04.jpg
https://hsto.org/getpro/effect/187/af6/e4d/e45/a0f/31320f9d6d20d5f711864c282/2022-02-0807.59.04.jpg

84 KB
84 KB

31ms
31ms

Image
image/jpeg

2606:4700:20::681a:da1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/effect/187/af6/e4d/e45/a0f/31320f9d6d20d5f711864c282/2022-02-0807.59.04.jpg
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H2
Server: 2606:4700:20::681a:da1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae5f6caecc0a0376f2100de3653e6662c94fa45ec358bc7a783a6f7265a7718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4518649
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85638
last-modified: Tue, 08 Feb 2022 04:59:55 GMT
server: cloudflare
etag: "6201f8cb-14e86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYoHRouAZ0uAKoBxYWLTzK%2BrMGYwtEw3hGf0ey2c3tg6bp74sp3TiS0jI6hlGJwApgM07o24rLw9KGYaMTZmm6IfkDaqGbBA1ISGnzOBbAUrHorB%2FDKE%2BGRBUMosjB16buIre4UW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, proxy-revalidate
accept-ranges: bytes
cf-ray: 6ff8e4cc1afc916b-FRA
cf-bgj: h2pri

Redirect headers

location: https://hsto.org/getpro/effect/187/af6/e4d/e45/a0f/31320f9d6d20d5f711864c282/2022-02-0807.59.04.jpg
date: Thu, 21 Apr 2022 20:33:16 GMT
server: nginx
content-length: 138
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/html

GET
H2 200 photoswipe.2b48f110.js Show response
assets.habr.com/habr-web/js/ 41 KB
15 KB 52ms
52ms Script
application/javascript 2001:678:5e0:1::28
HABR-AS Habr dist...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.habr.com/habr-web/js/photoswipe.2b48f110.js

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/app.35cd4037.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:678:5e0:1::28 Tallinn, Estonia, ASN204671 (HABR-AS Habr distributed network, EE),

Reverse DNS

Software

nginx /

Resource Hash

b4f81a2a21c3c09168d9187c70cf98374354aa7b7a0e46b6e8cfd12013437a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:20 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 07:56:42 GMT
server: nginx
x-proxy-cache-status: HIT
etag: W/"624bf63a-a3a1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
202 B 46ms
45ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2077176888&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&dp=%2Fru%2Fpost%2F486856%2F&ul=en-us&de=UTF-8&dt=Full%20disclosure%3A%200day%20vulnerability%20(backdoor)%20in%20firmware%20for%20Xiaongmai-based%20DVRs%2C%20NVRs%20and%20IP%20cameras%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=449983928&gjid=1094979904&cid=1444583167.1650573196&tid=UA-726094-1&_gid=826282058.1650573196&_r=1&gtm=2ou4i1&cd1=guest&cd4=no&cd6=ru&cd7=web_override&cd2=publish_ugc_en%2Ch_50%2Ch_118%2Ch_6398%2Ch_19011%2Ch_21946%2Cf_develop%2Cf_admin%2Cf_popsci&z=1816997622

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://habr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 24049213 Show response
mc.yandex.com/watch/ 43 B
73 B 33ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/24049213?page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A534%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A1173303332869%3Ahid%3A627260188%3Az%3A0%3Ai%3A20220421203316%3Aet%3A1650573196%3Ac%3A1%3Arn%3A966287895%3Arqn%3A1%3Au%3A1650573196135639588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1650573194841%3Ads%3A6%2C15%2C229%2C1%2C1%2C0%2C%2C319%2C0%2C%2C%2C%2C726%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650573196%3At%3AFull%20disclosure%3A%200day%20vulnerability%20(backdoor)%20in%20firmware%20for%20Xiaongmai-based%20DVRs%2C%20NVRs%20and%20IP%20cameras%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&t=gdpr(14)mc(h-1-p-1)lt(28100)aw(1)ti(2)

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
last-modified: Thu, 21-Apr-2022 20:33:16 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Apr-2022 20:33:16 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/24049213/ 43 B
73 B 33ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/24049213/1?page-url=%2Fru%2Fpost%2F486856%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A2%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A1173303332869%3Ahid%3A627260188%3Az%3A0%3Ai%3A20220421203316%3Aet%3A1650573196%3Ac%3A1%3Arn%3A524841943%3Arqn%3A2%3Au%3A1650573196135639588%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1650573194841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650573196&t=gdpr(14)mc(h-1-p-1)lt(28100)aw(1)ti(2)

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
last-modified: Thu, 21-Apr-2022 20:33:16 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Apr-2022 20:33:16 GMT

POST
H/1.1 200
OK a Show response
effect.habr.com/ 32 B
530 B 58ms
45ms XHR
application/json 178.248.233.33
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://effect.habr.com/a

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.233.33 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

habr.com

Software

QRATOR /

Resource Hash

53e7dc5da3e94b0b64feef602b3251fa45e974526e70502b7bb19df504ece774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Accept-Encoding
Server: QRATOR
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://habr.com
Cache-Control: private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
X-Request-Geoip-Country-Code: DE
expires: -1

GET
H2 200 common-engine.js Show response
cdn.skcrtxr.com/wrapper/js/ 340 KB
88 KB 39ms
13ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-5e332b7c-26cc-4c0f-8b85-2a1a1697451c
Requested by: Host: cdn-plus.roxot-panel.com
URL: https://cdn-plus.roxot-panel.com/roxot-wrapper/js/roxot-manager.js?pid=c427193e-c45c-4b31-b9de-0d5bc41115fd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 742caf82ffad4b5326cf89a43296b225aff41450cb0680704d31331df31eb461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2022-04-21T08:19:05+00:00
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000, public, s-maxage=31536000
x-envoy-upstream-service-time: 11
cache: HIT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-726094-1&cid=1444583167.1650573196&jid=449983928&gjid=1094979904&_gid=826282058.1650573196&_u=YEBAAUAAAAAAAC~&z=1321526826

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Apr 2022 20:33:16 GMT
content-type: text/plain
access-control-allow-origin: https://habr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12d08ee6-9f04-451d-b0de-d66b73315805 Show response
cdn.skcrtxr.com/wrapper-builder/placement/ 21 KB
1 KB 33ms
19ms XHR
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper-builder/placement/12d08ee6-9f04-451d-b0de-d66b73315805?v=d-1650556360&lng=en
Requested by: Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0fe4242b8d91588c53f085740c3c7114705d60051ce3deae81c5edb5362795b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-id: fr5-up-gc38
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2022-04-21T16:03:00+00:00
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
x-envoy-upstream-service-time: 51
cache: HIT

GET
H2 200 ee04ffe9-5fa2-4c03-b390-2cb4c8aa3006 Show response
cdn.skcrtxr.com/wrapper-builder/placement/ 6 KB
866 B 21ms
8ms XHR
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper-builder/placement/ee04ffe9-5fa2-4c03-b390-2cb4c8aa3006?v=d-1650556360&lng=en
Requested by: Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 227faf50fa291442cda366a25d3496ba241f0b8d5d2e8dcee1faa3924c6a8ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2022-04-21T16:03:00+00:00
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
x-envoy-upstream-service-time: 49
cache: HIT

GET
H2 200 126c08ef-efe4-449d-b3ab-318ad3e01f9e Show response
cdn.skcrtxr.com/wrapper-builder/placement/ 22 KB
2 KB 20ms
7ms XHR
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper-builder/placement/126c08ef-efe4-449d-b3ab-318ad3e01f9e?v=d-1650556360&lng=en
Requested by: Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d84901f51502e248b292283bfcd59a3e87be3d9249a645f4280d6d4210d613d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2022-04-21T16:00:45+00:00
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
x-envoy-upstream-service-time: 54
cache: HIT

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

278 KB
76 KB

60ms
60ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3e4d31e1511fa14b9a8ede89c6b27eeded63c239f335b6a041c288d65f1284ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1650573196341101-17363237180052585679-man1-1987-d34-man-l7-balancer-8080-BAL-510
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 Apr 2022 21:33:16 GMT

Redirect headers

date: Thu, 21 Apr 2022 20:33:16 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/context.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2

200

header-bidding.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/header-bidding.js
https://yandex.ru/ads/system/header-bidding.js

125 KB
33 KB

56ms
56ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f72bff664dc1cdfef34cdbd57bfb6cfb07f66d283c1cd4b6a7324b00cd28843c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1650573196341364-9745614272487807084-man1-1987-d34-man-l7-balancer-8080-BAL-1056
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 Apr 2022 21:33:16 GMT

Redirect headers

date: Thu, 21 Apr 2022 20:33:16 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/header-bidding.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 149ms
63ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-726094-1&cid=1444583167.1650573196&jid=449983928&_u=YEBAAUAAAAAAAC~&z=711003467

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 150ms
63ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-726094-1&cid=1444583167.1650573196&jid=449983928&_u=YEBAAUAAAAAAAC~&z=711003467

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 708A 84 KB
28 KB 143ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923d63974a42dc1b7acc02b1b5ff206a319f90c39aa0b9763f7febf933a265fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28703
x-xss-protection: 0
server: sffe
etag: "1193 / 172 of 1000 / last-modified: 1650569464"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Apr 2022 20:33:16 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E14C 84 KB
28 KB 127ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923d63974a42dc1b7acc02b1b5ff206a319f90c39aa0b9763f7febf933a265fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28703
x-xss-protection: 0
server: sffe
etag: "1193 / 752 of 1000 / last-modified: 1650569464"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Apr 2022 20:33:16 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D747 84 KB
28 KB 155ms
76ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923d63974a42dc1b7acc02b1b5ff206a319f90c39aa0b9763f7febf933a265fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28703
x-xss-protection: 0
server: sffe
etag: "1193 / 207 of 1000 / last-modified: 1650569464"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Apr 2022 20:33:16 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ Frame 58B7 88 B
270 B 176ms
55ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

75405d1d6b8fbd00d22e057222f67e928b572563cbf46a0015dbdc333a353ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://habr.com
date: Thu, 21 Apr 2022 20:33:16 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H3 200 pubads_impl_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E14C 362 KB
123 KB 98ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125970
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Apr 2023 19:25:11 GMT

GET
H3 200 pubads_impl_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 708A 362 KB
123 KB 108ms
48ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125970
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Apr 2023 19:25:11 GMT

GET
H3 200 pubads_impl_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D747 362 KB
123 KB 91ms
36ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 19:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125970
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Apr 2023 19:25:11 GMT

GET
H2 200 6af97dddfe8076268bec.js Show response
yastatic.net/partner-code-bundles/570534/ 37 KB
11 KB 31ms
31ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/570534/6af97dddfe8076268bec.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

66d52e8c2f80d6e255f24cb64f2da658ab655410a68deae8a99f55dad0dde65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://habr.com/ru/post/486856/
Origin: https://habr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10196
last-modified: Sun, 17 Apr 2022 21:07:49 GMT
server: nginx/1.17.9
etag: "85d78e328656fc431d28e3be570a98df"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2052 03:05:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D747 107 B
792 B 134ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=habr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D747 107 B
549 B 134ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=habr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D747 15 KB
8 KB 317ms
317ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=877337711169517&correlator=1584051327470184&eid=31063377%2C31067095%2C31061829%2C44762567&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=22133411051%2CAdX_Plus__habr.com%2CRight_rectangle_bottom__wf-qnf-high-1804&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C300x250&ifi=1&adks=3477781247&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=floor%3D0%26roxotRequestsCount%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650573196714&lmt=1650573196&dlt=1650573196256&idt=435&biw=1600&bih=1200&isw=300&ish=250&adxs=1198&adys=1239&ucis=lrx0hkaq0akv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&ref=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&top=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=1444583167.1650573196&ga_sid=1650573197&ga_hid=1826839894&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

19cbdda37bab9197a017c5b339a9d06f16b4d387399b759585908b0cc5a4769a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8005
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://habr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D747 14 KB
10 KB 176ms
76ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88afc94a9c7d6676a63e97c28eb7e5f8ef7ac8764eab89892afa5b5fd6a5f5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10638
x-xss-protection: 0

GET
H2 200 container.html Show response
4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F6B 6 KB
4 KB 185ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:16 GMT
expires: Fri, 21 Apr 2023 20:33:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 708A 107 B
165 B 121ms
61ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=habr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 708A 107 B
165 B 116ms
56ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=habr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 708A 63 KB
30 KB 277ms
276ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=825672408674588&correlator=265968976338677&eid=31063377%2C31067028%2C31067074&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=22133411051%2CAdX_Plus__habr.com%2CLeaderboard__780-wf-qnf-high&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C780x200%7C728x90&ifi=1&adks=1191147078&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=floor%3D0%26roxotRequestsCount%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650573196734&lmt=1650573196&dlt=1650573196231&idt=496&biw=1600&bih=1200&isw=640&ish=90&adxs=642&adys=6142&ucis=vv96modsh4yt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&ref=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&top=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=780x90&msz=780x90&fws=260&ohw=780&ea=0&ga_vid=1444583167.1650573196&ga_sid=1650573197&ga_hid=758586023&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b20280646e34df94ba8ebf1a020b391c3d4b2e93ef0cae8743ea6b485616a809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30515
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://habr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 708A 14 KB
10 KB 142ms
60ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6cdbc6e4a9fb3801c27f2aeb55063e1e0bdce6548c429798a61f436d38111d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10540
x-xss-protection: 0

GET
H2 200 container.html Show response
1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8AAA 6 KB
4 KB 162ms
48ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:16 GMT
expires: Fri, 21 Apr 2023 20:33:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E14C 107 B
165 B 115ms
71ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=habr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E14C 107 B
165 B 109ms
65ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=habr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E14C 63 KB
30 KB 280ms
280ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1717448534201291&correlator=3967124577392883&eid=31067152%2C44761477%2C31065642%2C31065787&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=22133411051%2CAdX_Plus__habr.com%2CRight_rectangle_top__wf-qnf-high-1804&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C300x600&ifi=1&adks=1652858509&didk=1680094733&sfv=1-0-38&ecs=20220421&fsapi=false&prev_scp=floor%3D0%26roxotRequestsCount%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650573196749&lmt=1650573196&dlt=1650573196240&idt=502&biw=1600&bih=1200&isw=300&ish=600&adxs=1198&adys=148&ucis=9dalyf4muqdj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&ref=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&top=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&fws=260&ohw=300&ea=0&ga_vid=1444583167.1650573196&ga_sid=1650573197&ga_hid=241076572&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

674d9ed8737017e04976e6974be3df386f124cffa12aa79f51feffb7a6603941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30497
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://habr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E14C 14 KB
11 KB 121ms
53ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

016100f29d506e36544c694b9b641911eb00d6e85921679069cfae0004710f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10703
x-xss-protection: 0

GET
H2 200 container.html Show response
247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E7E 6 KB
4 KB 161ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:16 GMT
expires: Fri, 21 Apr 2023 20:33:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 708A 17 KB
7 KB 156ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 20:33:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E14C 17 KB
6 KB 180ms
77ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 20:33:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D747 17 KB
6 KB 163ms
78ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 20:33:17 GMT

GET
H3 200 container.html Show response
1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF64 6 KB
3 KB 119ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:16 GMT
expires: Fri, 21 Apr 2023 20:33:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A237 6 KB
3 KB 120ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:16 GMT
expires: Fri, 21 Apr 2023 20:33:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 i Show response
pa.rxthdr.com/v3/ 0
195 B 381ms
168ms XHR
text/plain 3.224.1.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/i?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=habr.com
Requested by: Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.1.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-1-22.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://habr.com
date: Thu, 21 Apr 2022 20:33:17 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

POST
H2 204 i Show response
pa.rxthdr.com/v3/ 0
196 B 360ms
148ms XHR
text/plain 3.224.1.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/i?publisherId=92707dda-5614-4d3a-b4f5-531645d13ecf&host=habr.com
Requested by: Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.1.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-1-22.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://habr.com
date: Thu, 21 Apr 2022 20:33:17 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET

GET
H3 200 container.html Show response
4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D5E2 6 KB
3 KB 119ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:16 GMT
expires: Fri, 21 Apr 2023 20:33:16 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33D6 13 KB
5 KB 122ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 19:27:34 GMT
expires: Fri, 21 Apr 2023 19:27:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8C13 783 B
534 B 131ms
49ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e125309c94a523f3110a75d1bf91141d2ef5dc17ed8b9ff164f5523dc88a4218

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6JKalieuhwAo7kcHhFUVHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-6JKalieuhwAo7kcHhFUVHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:17 GMT
expires: Thu, 21 Apr 2022 20:33:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8690 13 KB
5 KB 97ms
45ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 19:27:34 GMT
expires: Fri, 21 Apr 2023 19:27:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 517D 783 B
536 B 103ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27b1a87d5263fd3e969526b48e37d2dd4e3ee38993791ff97d8aab253b8021b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8SwITVhS2F9bGzG7VBeXyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-8SwITVhS2F9bGzG7VBeXyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:17 GMT
expires: Thu, 21 Apr 2022 20:33:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DE20 13 KB
5 KB 88ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 19:27:34 GMT
expires: Fri, 21 Apr 2023 19:27:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 81C0 783 B
537 B 97ms
48ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5001a743664f61b0846417f975f17e19a39d3a6b11a9736d3c3fb81c456c8c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WQ8JQQnhX4Pf2HUX5iqH9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://habr.com/ru/post/486856/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-WQ8JQQnhX4Pf2HUX5iqH9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:17 GMT
expires: Thu, 21 Apr 2022 20:33:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9BF3 624 B
559 B 141ms
51ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiMgfu-ATAB&v=APEucNVLx5DocDVJhaDPOzYQb6c7sMYZOqIkERLeiD7zc7owTburss7mioYZah5AH2LQ2YeywJ-rVLO_f7dEZQus65G0qx4e1TEo5Qc1NNmmbTr6U02_-amQRv-JUGZSNXuTKcrTkSkt7GJJLv0Gm8Dpg4rbE9oAA4xxghqEcOhZv4J1bjkPLeQ

Requested by

Host: 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com
URL: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:17 GMT
expires: Thu, 21 Apr 2022 20:33:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/ Frame AF64 19 KB
8 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/abg_lite_fy2019.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:21:22 GMT

GET
H2 200 660012239254471464
s0.2mdn.net/simgad/ Frame AF64 14 KB
15 KB 168ms
39ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/660012239254471464

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f0305c9d9cd478c413c5eb0b00262de6731647b7431832db221649c19c1bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 07:17:55 GMT
x-content-type-options: nosniff
age: 566122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14803
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:27:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 07:17:55 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/ Frame AF64 6 KB
3 KB 134ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:28:20 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AF64 0
64 B 169ms
78ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6ynqYoZTpJM0Rv4Z4VA7xOGKZWF_ijkLZDNA6g6HV4ExvemzBW-H8-2mcM_TINn9uQVfuEYtC457V1VYnndIPXEeappRUiI6w89aibj1EvFhfC29vo71VyQj1xxLZu4No9HzADp34p-_bhGE9iDg6t8l-oZaBOOnCbXCXZ99RgwTVNkXIg-CWpNAs00uO8Uv-t8dyOFi--KKYLYtJ8hITFuG_PyZADA0IOZQ8N_mU32z9hFG-iz6aTvoyn0Xc9Uw-d1tsjPF7ebRRAITQk_wNDYUazQPAqltYuzvgrSQ5c0G1WSlOjHUNwoXel4QMqlcY14-FZa9mdTQdGa50Ifwsd0vZszN4dqYiMbDWI6vcEq8YcJh_uSuGxiMBF4jo2aRfrHPTNYbvQjbapoX8kYLTAhzOTTNgt2awx4OP7DkEtc-4q82cX4T9p8lCzNqD72XQFjxeNnUoANTA5SwayiVkBkYDi_fJ3UP7i3rrtGVrPtkCgo7gHzJdWrhq66ltQr7H-KBtFpTL3Wrn26D6aM_cDW09BYcv7p-2714QK04yhH0k8Q3USKPsC_so1Evse_NhatRZm0hfBMkyCV1SlNxZszBkHHnIJLEwAGzSwRAMjBt4Ia4QseU_dWIBuCK4VHjUNo-G8nqDMeDT-MalvBuuBfG4iU2E-eU_BCOuR5oHnSCV8Xdfnyx7OQ0oHZe0grdSRie9ZoVT9Gw2vHUFUj0fvcouL9KMID_pdmUAL9AMIyvthXZNc8HMra1RZpAW6KUhZeE4qg3H159148A6xjB163rSE6KSWOeWMJgPy0QoNTw9xkbJjBWkT859EGcfdS-uIKfR4lXJFSvfr31PbOYrMuA86HWRXwAReLvp_Pz4OyukVw_5NUXycshN9-PbGaqXCibH6eS5M9iZDurIsZAvil26M4SOOlTKUpUCpBHYWOZH5fibrXTsDvktPbJWbOQaB_BHWIfIQIhUnjkjdbp8fMkdnUVakidSTjlnx8ME1d_i4r-vbcJRRdgUbUyFsmG05iwYAE-lsn4hSqyOjBKSeklRMq21mlZ8lCRiJkDw3uARV84BCB5KD3xJNPTCZRH6h9n0aJSkN13RuxXWYOprZvLZu7XmqmYzCd4SnGUwZh-DdPGYMnBG&sai=AMfl-YS6XbJfmboDxUzP3H68rAZRAGf6jd1GhpjGOEq6nJG56ohipE5qeSWc27Ztw324xGoNahsj6CDBMnS9LZiwGr7gODGrUJQy5nyw5mfFdgCaTS4nGAosaW89QXWDx_A3ZaXn3Put-0jMSKfBuaf7FJCIG_ijW72Z_k-Lhxlzc5NXBk1CzF4CInVbDYslAM6XBGO4jN4uNihoDNlp76blRWkQTxey7ka9KIJ5BwBiZ0lWozmieeHg1rRUQ3NErZaxk-NoBlCMOZoN8e4OscleNc_gQII31kRH2fnfHOwe-tnVXhsyUqvt2P1Mvgd_U7MVJ8ivPw6ZrdUkhWBD_ULPZBhKt3u0Wrc4HxFdEvO240GOn6vHPeESkCLpvGMTcG-WT61W53FuzSzATtii45aHIQ&sig=Cg0ArKJSzDpJ2gBXro1mEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220419.81134&adurl=

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 21 Apr 2022 20:33:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AF64 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 08:56:20 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF64 42 B
63 B 171ms
93ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BsRGFtwDJzDAH99z4fYwKDy2p4HKBkSSjaI84y80qYqDOoJdOT9fE-aMIYcZxNdOB3ayTC4hI-qUhZ1MJwIV3YbSeV6Ok48z5N0MrLKe87ugYy_LI

Requested by

Host: 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com
URL: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame AF64 3 KB
1 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com
URL: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:28:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF64 119 KB
36 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com
URL: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 20:33:17 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame AF64 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com
URL: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:19:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AF64 0
0 48ms
47ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvxv53kAiyIRY7Xe3Nds1GXZXHXEGrQJqOFhTGBdkUFHkz8egUyAfuOngVEwGxuJE8AnJcsSN0Hw7mgR0KQB0lOTyT9g
Requested by: Host: 1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com
URL: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A066 624 B
975 B 115ms
50ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjJhvu-ATAB&v=APEucNW-qikOosIdr3F9Vibm7MPq-6n7bOFVf4eMTxZ3uWRTFNQZ1cKHyOujrdreXf47ndd18E-OFkIcKExbf7W057Er-6qd6VQQhtWQKz7Nj_bI5reqIwp7PckPD8ZMIWFLrsVLSYHsIdn_4ZDQkT2IpknacPtal9aeNBcggqZLJUNDZzOVWD4

Requested by

Host: 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com
URL: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:17 GMT
expires: Thu, 21 Apr 2022 20:33:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/ Frame A237 19 KB
8 KB 103ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/abg_lite_fy2019.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:21:22 GMT

GET
H2 200 10159726521628711292
s0.2mdn.net/simgad/ Frame A237 23 KB
23 KB 152ms
49ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10159726521628711292

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f5c25fdd5e9fa3d220a201272b768adf6558c8b44d825e4fbb933bcb2f3141d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 11:41:13 GMT
x-content-type-options: nosniff
age: 550324
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23184
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:27:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 11:41:13 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/ Frame A237 6 KB
3 KB 92ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:28:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:28:20 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A237 0
622 B 142ms
76ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstzwbEwQhhAxLPT6Rh778CvXK2JVrUANjg9BQRLUSbkylzOwk5rqRBksSNkzR2NNy2qq2GIfCvCpxowYlRf4HvXAGg8dynhsd8t9kIJIV_rJ5L_hEwVCLsqX3Z5LyUqewt-wkSWm0Uu3G3Bq5yUqoXEV6idHOtHwa8kMVpm4lGWPaTZ9xAX4bqe8Of9KkJjtECEsJ8D110tfpacYK6PA_RN13s7CxYe2TiWIw17solLQUHe-wiz_VaMqUmkzf14w43i70jnqtHXh0BOzs5y_j6Iu2PBJZ5fWUtHMtQBv1CYscjzcvr6Y39kOQULGZydISPv2rNKE8uD7JKixSX4SA9AuUB82Y9ry1pPkF9dmX7my1hSPIk5CeXJDtXs2i3gyMvIfo3UOOKAHrgJvrwIUE-8HtWrg8fLaj_a-sn9hm1fS2iQrfEKq9QWVg4RKJIL84-SRZFRF8pK-C-qQHJAaKJvTY7FUAECKTir3C9JlLnUfZRM2DYyA8Z0oG52_Px7XHZhNGBYT5EAdA0Gc9NMdNR7p1bITtzhk2alYyp4q-TF4wnaTB3LGLxT5SOviRwIih3c1FIgV3506-nZnMwjWSl1VTqceWNT7KzEwdyj0lYkd0E_ejRCUnt41o944fo5FTKhgZ6rRAPMHQ10xBkcQvD4silUsHnfZeVlrjFwcPaJ4JhjJ014Iew6By4abz7Tin5fL7d28jQ5zDOAVqacum643GGOj2Sx1FZu3-A218fXf6DdHiRsFjP-yKV9DZf2AYCnwEaPHa5bljavIAKTDj8n0_FU-Z7J4Re97ytEzBiZ9--dssAlx9dyzBsw--hwZ6kMzoF_1Qf8YTnDVZHF5ow__VJoJno3sIbqvGZTV6AOGPXZRNXp-7kMaRs6B0Pe8x6L_SyjFGiuBXIPBFAl5Bwlkh2N-cxiPkmx6d2QsT3LhSvtcbipjylZuYLF0K0rweGhanRue7w77s_UsSgiuGzTJBfbrq6Hj9KXTiq5yat40CFL7xJUnWy1yjeGaLJSon-r7RPGkegitcEOM-xPITB6E6Ks0iEpKDAssyQNAnKO2nWZDJhOHwoUv7UNFEZmAFi2WVhrNpzaPMP0JLwTAJx86borPWohtbVk6FFM4jXLqa6yzP1PjE3lAuOjcFBjVA&sai=AMfl-YQE3w4wb5NGkB5APaKuwXcplZD-LZz5kayX0Az32qGIxs_LWjTM2z7ouApFQNdF-7_ZTl9Ja033qNgJpL71ozDxcreCnAAHvB8i_zauZTpwJoKwe5YUY0WyO4T2ikpJN9DNDfeZi1NyRftYtyqd3qmtmjE2n2ZiNDpleRdU1yyUbbF_V-adAg-DHNX9ErwYB-bPfobMCMZ1OZgLGsypwKc7Rp6O93540nhIrrikarLqRb3DDertFWVBT0JahFV-pdd1qhwg0NxVfjAUywvnwgwumQYAfFIGxLF9AJUY-FYiSQDkLJSg4ZAlqtzWRvcWgC45ee7-4I-iKal_TouzAEX0qE_exkemWGEK0CynrJYLfcVQakwR48EXH0l8xUOYhE6ZQ4UKiQJ9P0Y5WLL8vw&sig=Cg0ArKJSzPaKLr7v6OM0EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220419.37259&adurl=

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 21 Apr 2022 20:33:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A237 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 08:56:20 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A237 42 B
63 B 145ms
94ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKttff37PsfyFBciI3j8jcPqfPpbSkf4wVVX33iPE8ZXlqCMKmmuJCXPonZSPayCzDJN7NfR_vKMVNdFjbZ2aLs06F5zpntaiDGrx6v4z7cbs6vs4

Requested by

Host: 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com
URL: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame A237 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/window_focus_fy2019.js

Requested by

Host: 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com
URL: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:28:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A237 119 KB
36 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com
URL: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 20:33:17 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame A237 15 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com
URL: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:19:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A237 0
0 47ms
46ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTj6IznXMb6Fo-0OBbnpJDwt-IFvXvU7-e5g0xVWOE49mDeP-0BlHWbIw_aeKxsWVf_o6kFh8BtF4ySncj8tETIrmmz5A
Requested by: Host: 247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com
URL: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1BB3 624 B
559 B 107ms
51ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiV6ayaATAB&v=APEucNU1QaRFtEPcNP-XZtHG8g2waa30LUBel81m8iKgz0Vrooz7mowcIARlEdWIjXHFEHEeSZmWU9xrQ8hBK41yt2u1MFgALgzFuc7CYgdYzgqInfo7ZVxy_msQhARNUGHoDFh2g4683qnZub1FLKXObu90BOzNi_ugx5MackldS_OMLmkk35Y

Requested by

Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 20:33:17 GMT
expires: Thu, 21 Apr 2022 20:33:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D5E2 78 KB
33 KB 136ms
82ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdqLUCaFqNHdvxbml9X1DdM8BpMsKBNnKmmrpvdxhrgLzqPYj_m39J9gCR6BfhtWERpBhetsICLsWapLZVrGO5Pp2RogYb3ugSLeBv2YOqWu-DguVHtWktBFgLHhBxyvkKfEJpD7ARi1gA540XUamJ5wE_lg&dbm_d=AKAmf-C1PQKbM5YeDieM70MzZansABYzwzTFX13cQnRfYPgTL-xlvLPCsi5sR89qEp7ZELjv6RUGnWENtzb1NCivseo2SLk3ooLdVQvkQb4q5oN5ZW5CrpLpS8FD-zsV8RYWa7QOvcN0lEQ56FenxShzSeQntBcCchIqzI_kTZkQQ1uhuHXBnGhZeYOc5yk7as4ZFPCdMBTLmd80BIUDt3za5p1ruZBAW-RJKkEcKetXTolg_1uln7DbCLGwvRnplJQ8pOz5p5iUlAoKE2w3uNZ_GhQmLdeJfO1SEBhvK4AUuoGl44XwXTSADVCyNpl__b5tTCHttjpBK8bDwMp2MwluSECHHmXGm5TEWuM4DqqRJgyWYZi4HrJIFeW0MV1kiiKau7mAgPVirf_mHsxoASQJ7KAwdNAr4h6J4J2eM3UAcKlgMmG4MyCafzIlxn7Mue3X_wNXuCIfbxI8EBg9e3oBkrl688FrWIzEjXRO9T0Or4yjEqSl9Um0XHaaOES1BkXfkLZ8Yf1aV2wINKH2KFA51SC1sTA2srNNGEuiUmDViLxVr5XP6deWikLhAvFwszjoS3NRBVJvuaElQauujHaft6K1VLJ-fYIlGg7Oc3L_7oLox1K1Zxj2DU0XpnWg4sD5SvBtBBPT8HSpKtmxCfMLuLgOB7aCc0oFNx6FcdZXn-DRl0B7kg2p0w6x5Rb9BQwlKgWQIaRcYA-_qCQTecdEzHiIl2xXtVDTyoq4sCrHljeLSzSmuuWK0bcr4zxO7l-c_qz6q7y6OuM6pS5O4vSwQp7BSH1hTLW18IBrW9QU9Odbw40IP083En2dC0HKGGg8F0yRetItZeRSN81_8an_Rdj7A8ifyIRQdtafa1aFUxN3BJ3CY_DF7S5676rfW0wjjYHLsvVo3Cu-ym4uwahegc-9UREjADLv1sGndvemP8w1vzKy64bVjBwSc-Lg0xmduWHtXju2U1zYcdmTPvrSk_G9wDILB-aRM5c_hEr3udb_j0QeLi-kfayGZ9x_7W4JByBqti72-_7et6Y6aLUCJ86Kw9h_QsiAhMm2Io0_jd5yqSIYvgIBOwfBhssdCXMrHQHB92gbZbDNLi2fJ0DVKnKBI2yG3yF9UHYa_HN2Gb6QBtwjscroilm4ssWyTT_qmGEqYB-ttL6Fb2XXvqx6vH4GHV1I2cMaOSTLm7f_JuRwZUuSLwshZw3U2Ol97No9NNmsVhYkl4sta3YhZolGErVWoWTCAuO32eJYmNSCnoQd67g2rvwAqe2OIgfNYAnDIc4Kk9Duxl5S27qortIIPr3aMwjNc8i-Z_XzcEjMXFbQ5qjQpUOzUR1dmZamv6_Qh8y00kfqb10xK3ey3xRzxIy1CTqkpo2wZHBkhI_bpXEnbtEAaWjROg8p-LzKMZK8RKQwxat926YDWoxYGJR7D597cQa4zzhuxdaV821PX6e9NtBhHDQHraht3M2N9m9HkrmMdG1BYt58YXDTv7igK0w1k0Et6sqVWic-mOV_GNti1VpxLu1_Il4Pvg9aviIqNU_EyqqPn--dU59PTCmDyhHaKT-sEo7zXFfGiP9f9SDOg-2qYdyMS5LOrDIDdHyFnjbwNjbZIRbEb1yNQWI6vtW-zDITuyJkMXLWo7bdUM-Y2wfQYqLN41al14VQjIMJKILPS0hTvi5IiajlJCqGLxDJ0CLjknvkzbadYmFuNLEXDl9ln3sP4EmCB6ScQpi6ODvIgimpmYDJZM_e1luw_kQ9Ji3bwjnZMzK-SIERc2GBb1D6fR0q6lykKDjni2Vu0Ufvpdl-brSmtYguO3ZKqF6Ci86487z6Ivx1LXkgqKnVM63CZy8TzOsT8Uswzcx9NDQ7iw-OOmgqJ2CxqWn5scp0TQ1zkvrm_X0BhpsB_F5fYfa2wIp2ZW-DAZfm2OOubLnhUaYLhU3HLGJTYMH_m8X52BLk5Zpb1mz3qWAd2TM2Mf7A5xwsrnm-sO_Tt-eEyJtYd2h_ANmqQZRhMX8ifWG8D-0aOIVJhmqI40qrXR1VcEs3KEgpLLZfs36iEq_7V92k_MKXvJFIIn3jhLY7rVSMdd4cUeX6LNrVnl-rRbz_f30Bd11C4VqjCDWe-1e2IM6VXsw5sxwpXED-YgiBhC4WwM4TNf1uGV2POOBHNQCyTrkt38CUxF9tZLLly0NhLxFAiJP7lnETTMYW-kjWT4yJxZxfdZSLI054rHtYF7QlEHsMotHQb-3nQJ5CY1F9YG72mEL0rbUp6KGsDW0_0-PktmB3rItNfqv6WsDTGMzhfhwkNXfpJcbptvTvqbm4rQUh-ESpzR_nrFlwzm4SV0tTQbq7MFNpYhO1qayGbvVyiM99jEwT0LWQFBHW36CZi2HJLFijwy20siXEGkVEtxF-i7gyI3xPP4-PtYhAB_iud3MZj8002trtDb_2P1zdVsv58OcFFWHAxhr6MLDqECsbxR48XzGzpShyX0xObrYBvwBS0gzSoEjRBSQOFelUxFkCrZzrZ2sBv1Dcgt6D2SiNjBM5ESmqb3lyiKxEtxck25p1NjWh31H9Wa7zc-l5UlYA9d4I_TEaaUoVYaEQs1yTZl58C4VCEGEBhk_EqiFKpgE9dSMPa_7gK1yHEungultswt4Uf_BvlHxYl8RhyO5IejM0k6FDo7rojkomLFqYAdBOf3ob1xV_7Vnvl2y11SvBBje3Dw_fiXC5zLrilRCt2savbKGXay62SZ-X3GFolSxho0nCtONIeNn4thlSiO0SCiDTa6qq3ZA_9crwwh7WBIPARC4crwUan5WJQkLB5PodhM3ju4kEWAL7I7HeIjbjmymi-zU2GE47JLeQpcb4G3PORxKhX9d_GzlxkrSXnvt0RnRvcDxWiNexJzVwxiFvItn7t7cKA2fj4CHPAcLUx0B_p0JETnun53eEj5MSzLCX9dc9mQbzXcI__r_tqUNUJu97fKyG7OB7N22csE5dhZ4vDMpQU9I8MqplH4Xf4XFrYDW3rBh9CUlzJ9P5AlauTg_wF-Bng2FXZuyWcLIAhzWcFpHeTtj7hqzVs5dx88WKyDsPHnpmxufvoefNuLXdugyuuSRB_NeBGQEi2SwErTI0fSb0oBI2kbHDFpkRwOVrV7UurgpQMDhX1twN7HfGBQ_M&cid=CAASKORo-fw3ay0Lc6HHJYkLgcOIBVJ75nvxnm1CtAN2Kst50zo5ijOcVuU&rfl=2%2Chttps%253A%252F%252Fhabr.com%242%2Chttps%253A%252F%252Fhabr.com%252Fru%252Fpost%252F486856%252F%240

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463b2b94f2ff9170e8f63d5ce05a15f629c1727a8e800ba79089daf4eec220d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5E2 42 B
63 B 141ms
93ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_0vqDkpwBXIlmDFpCTcwlyhvfWQn_nk1Wx2J35uHTarrnDFlKaC5PC-BlqUVfCj3LgXDIZIgTs-VWmaVGbqLjeWCTcjLPWiuAmmozo14bx3SosM0

Requested by

Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame D5E2 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:28:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame D5E2 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:19:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D5E2 0
0 49ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdJ-K2XZe8G-ZojOK6hbg_zHSAfEvv1kBoI_a1dsKNi9dUGyfyyfExhroFnPshLxYJDwPvP3iq_SjgF41NxvrliYDYMw
Requested by: Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5E2 119 KB
36 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 20:33:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A22 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 08:56:20 GMT
expires: Thu, 20 Apr 2023 08:56:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 81C0 0
0 96ms
93ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=877337711169517&rc=
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8C13 0
0 95ms
91ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=825672408674588&rc=
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 517D 0
0 94ms
90ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=1717448534201291&rc=
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame DE20 35 KB
13 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 33D6 35 KB
13 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 8690 35 KB
13 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8CD0 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 08:56:20 GMT
expires: Thu, 20 Apr 2023 08:56:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/406261/ 0
66 B 79ms
79ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/406261/event?pm=cza&rand=mrirqvh&duid=1650573196135639588&ad-session-id=2856001650573195811&p5=lenpy&dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&utg=oxum&lts=fixyqil&rtb-si=b&ytt=116000087474181&hash=b86b38f8ae5fef8b&ybv=0.571603&ylv=0.571603&rqs=i393BPzVhAmLv2Fi4fNS7EnhHCLp10_H&puid6=ru&puid5=%2Fru%2Fpost%2F486856%2F&puid4=no&p2=hnxd&pr=mxhtwdp&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid2=f_develop%3Af_admin%3Af_popsci&sj=L2jiJGGaxuJuw3BsMvVlTw1GLoiOshTlLonqgXuXgWqW5v5W5ptwA51CZTe8&puid1=post&p1=csxvg

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2022 20:33:17 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A22 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 15:49:59 GMT

GET
DATA 200
OK truncated
/ Frame AF64 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec28301dca006dcc8ef084cb5a000d239fc6b12577eb8a9ebe408148cf2c9715

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A066
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjJhvu-ATAB&v=APEucNW-qikOosIdr3F9Vibm7MPq-6n7bOFVf4eMTxZ3uWRTFNQZ1cKHyOujrdreXf47ndd18E-OFkIcKExbf7W057Er-6qd6VQQhtWQKz7Nj_bI5reqIwp7PckPD8ZMIWFLrsVLSYHsIdn_4ZDQkT2IpknacPtal9aeNBcggqZLJUNDZzOVWD4
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 20:33:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A066
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmG-ja2aCQVkHRS9cFGWswAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjJhvu-ATAB&v=APEucNW-qikOosIdr3F9Vibm7MPq-6n7bOFVf4eMTxZ3uWRTFNQZ1cKHyOujrdreXf47ndd18E-OFkIcKExbf7W057Er-6qd6VQQhtWQKz7Nj_bI5reqIwp7PckPD8ZMIWFLrsVLSYHsIdn_4ZDQkT2IpknacPtal9aeNBcggqZLJUNDZzOVWD4
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 20:33:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A066
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

43 B
1020 B

38ms
37ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhjJhvu-ATAB&v=APEucNW-qikOosIdr3F9Vibm7MPq-6n7bOFVf4eMTxZ3uWRTFNQZ1cKHyOujrdreXf47ndd18E-OFkIcKExbf7W057Er-6qd6VQQhtWQKz7Nj_bI5reqIwp7PckPD8ZMIWFLrsVLSYHsIdn_4ZDQkT2IpknacPtal9aeNBcggqZLJUNDZzOVWD4

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 80664a67-a64e-4c30-b460-7127e68e8d51
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A066
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

170 B
188 B

105ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 93b24ac9-52a5-4669-880d-00148de95bb3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A237 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d0e296e7508cfa488c724cf96377c5e22a3c7a8bd768e431f71adc1f3d3c956

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9BF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

43 B
894 B

26ms
25ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiMgfu-ATAB&v=APEucNVLx5DocDVJhaDPOzYQb6c7sMYZOqIkERLeiD7zc7owTburss7mioYZah5AH2LQ2YeywJ-rVLO_f7dEZQus65G0qx4e1TEo5Qc1NNmmbTr6U02_-amQRv-JUGZSNXuTKcrTkSkt7GJJLv0Gm8Dpg4rbE9oAA4xxghqEcOhZv4J1bjkPLeQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 20:33:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9BF3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmG-ja2aCQVkHRS9cFGWswAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

43 B
894 B

39ms
39ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiMgfu-ATAB&v=APEucNVLx5DocDVJhaDPOzYQb6c7sMYZOqIkERLeiD7zc7owTburss7mioYZah5AH2LQ2YeywJ-rVLO_f7dEZQus65G0qx4e1TEo5Qc1NNmmbTr6U02_-amQRv-JUGZSNXuTKcrTkSkt7GJJLv0Gm8Dpg4rbE9oAA4xxghqEcOhZv4J1bjkPLeQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 20:33:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9BF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

43 B
1020 B

26ms
26ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiMgfu-ATAB&v=APEucNVLx5DocDVJhaDPOzYQb6c7sMYZOqIkERLeiD7zc7owTburss7mioYZah5AH2LQ2YeywJ-rVLO_f7dEZQus65G0qx4e1TEo5Qc1NNmmbTr6U02_-amQRv-JUGZSNXuTKcrTkSkt7GJJLv0Gm8Dpg4rbE9oAA4xxghqEcOhZv4J1bjkPLeQ

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3da39a2c-902c-47ae-a724-6cf9c6586fdc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9BF3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

170 B
188 B

109ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 964745b3-5b30-4520-9b44-908f59b99aa8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1BB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiV6ayaATAB&v=APEucNU1QaRFtEPcNP-XZtHG8g2waa30LUBel81m8iKgz0Vrooz7mowcIARlEdWIjXHFEHEeSZmWU9xrQ8hBK41yt2u1MFgALgzFuc7CYgdYzgqInfo7ZVxy_msQhARNUGHoDFh2g4683qnZub1FLKXObu90BOzNi_ugx5MackldS_OMLmkk35Y
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 20:33:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1BB3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmG-ja2aCQVkHRS9cFGWswAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiV6ayaATAB&v=APEucNU1QaRFtEPcNP-XZtHG8g2waa30LUBel81m8iKgz0Vrooz7mowcIARlEdWIjXHFEHEeSZmWU9xrQ8hBK41yt2u1MFgALgzFuc7CYgdYzgqInfo7ZVxy_msQhARNUGHoDFh2g4683qnZub1FLKXObu90BOzNi_ugx5MackldS_OMLmkk35Y
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Apr 2022 20:33:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6nFVwdm3pqMuQcZj_clzA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1BB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

43 B
1020 B

11ms
7ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRCUxZeTAhiV6ayaATAB&v=APEucNU1QaRFtEPcNP-XZtHG8g2waa30LUBel81m8iKgz0Vrooz7mowcIARlEdWIjXHFEHEeSZmWU9xrQ8hBK41yt2u1MFgALgzFuc7CYgdYzgqInfo7ZVxy_msQhARNUGHoDFh2g4683qnZub1FLKXObu90BOzNi_ugx5MackldS_OMLmkk35Y

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fcdd7c25-90a1-485b-8e1a-0fbabcbca6de
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPJ69o6QLtLRlvYiwSG4UkA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1BB3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

170 B
188 B

91ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Apr 2022 20:33:17 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: db2ad267-565c-4e3c-b4bb-c56b9a9702dd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ0NTEwNzM3ODg5MDQ3NTg2OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AF64 0
26 B 137ms
69ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame D5E2 106 KB
37 KB 86ms
40ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
Origin: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 09:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Apr 2022 09:48:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/ Frame D5E2 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdqLUCaFqNHdvxbml9X1DdM8BpMsKBNnKmmrpvdxhrgLzqPYj_m39J9gCR6BfhtWERpBhetsICLsWapLZVrGO5Pp2RogYb3ugSLeBv2YOqWu-DguVHtWktBFgLHhBxyvkKfEJpD7ARi1gA540XUamJ5wE_lg&dbm_d=AKAmf-C1PQKbM5YeDieM70MzZansABYzwzTFX13cQnRfYPgTL-xlvLPCsi5sR89qEp7ZELjv6RUGnWENtzb1NCivseo2SLk3ooLdVQvkQb4q5oN5ZW5CrpLpS8FD-zsV8RYWa7QOvcN0lEQ56FenxShzSeQntBcCchIqzI_kTZkQQ1uhuHXBnGhZeYOc5yk7as4ZFPCdMBTLmd80BIUDt3za5p1ruZBAW-RJKkEcKetXTolg_1uln7DbCLGwvRnplJQ8pOz5p5iUlAoKE2w3uNZ_GhQmLdeJfO1SEBhvK4AUuoGl44XwXTSADVCyNpl__b5tTCHttjpBK8bDwMp2MwluSECHHmXGm5TEWuM4DqqRJgyWYZi4HrJIFeW0MV1kiiKau7mAgPVirf_mHsxoASQJ7KAwdNAr4h6J4J2eM3UAcKlgMmG4MyCafzIlxn7Mue3X_wNXuCIfbxI8EBg9e3oBkrl688FrWIzEjXRO9T0Or4yjEqSl9Um0XHaaOES1BkXfkLZ8Yf1aV2wINKH2KFA51SC1sTA2srNNGEuiUmDViLxVr5XP6deWikLhAvFwszjoS3NRBVJvuaElQauujHaft6K1VLJ-fYIlGg7Oc3L_7oLox1K1Zxj2DU0XpnWg4sD5SvBtBBPT8HSpKtmxCfMLuLgOB7aCc0oFNx6FcdZXn-DRl0B7kg2p0w6x5Rb9BQwlKgWQIaRcYA-_qCQTecdEzHiIl2xXtVDTyoq4sCrHljeLSzSmuuWK0bcr4zxO7l-c_qz6q7y6OuM6pS5O4vSwQp7BSH1hTLW18IBrW9QU9Odbw40IP083En2dC0HKGGg8F0yRetItZeRSN81_8an_Rdj7A8ifyIRQdtafa1aFUxN3BJ3CY_DF7S5676rfW0wjjYHLsvVo3Cu-ym4uwahegc-9UREjADLv1sGndvemP8w1vzKy64bVjBwSc-Lg0xmduWHtXju2U1zYcdmTPvrSk_G9wDILB-aRM5c_hEr3udb_j0QeLi-kfayGZ9x_7W4JByBqti72-_7et6Y6aLUCJ86Kw9h_QsiAhMm2Io0_jd5yqSIYvgIBOwfBhssdCXMrHQHB92gbZbDNLi2fJ0DVKnKBI2yG3yF9UHYa_HN2Gb6QBtwjscroilm4ssWyTT_qmGEqYB-ttL6Fb2XXvqx6vH4GHV1I2cMaOSTLm7f_JuRwZUuSLwshZw3U2Ol97No9NNmsVhYkl4sta3YhZolGErVWoWTCAuO32eJYmNSCnoQd67g2rvwAqe2OIgfNYAnDIc4Kk9Duxl5S27qortIIPr3aMwjNc8i-Z_XzcEjMXFbQ5qjQpUOzUR1dmZamv6_Qh8y00kfqb10xK3ey3xRzxIy1CTqkpo2wZHBkhI_bpXEnbtEAaWjROg8p-LzKMZK8RKQwxat926YDWoxYGJR7D597cQa4zzhuxdaV821PX6e9NtBhHDQHraht3M2N9m9HkrmMdG1BYt58YXDTv7igK0w1k0Et6sqVWic-mOV_GNti1VpxLu1_Il4Pvg9aviIqNU_EyqqPn--dU59PTCmDyhHaKT-sEo7zXFfGiP9f9SDOg-2qYdyMS5LOrDIDdHyFnjbwNjbZIRbEb1yNQWI6vtW-zDITuyJkMXLWo7bdUM-Y2wfQYqLN41al14VQjIMJKILPS0hTvi5IiajlJCqGLxDJ0CLjknvkzbadYmFuNLEXDl9ln3sP4EmCB6ScQpi6ODvIgimpmYDJZM_e1luw_kQ9Ji3bwjnZMzK-SIERc2GBb1D6fR0q6lykKDjni2Vu0Ufvpdl-brSmtYguO3ZKqF6Ci86487z6Ivx1LXkgqKnVM63CZy8TzOsT8Uswzcx9NDQ7iw-OOmgqJ2CxqWn5scp0TQ1zkvrm_X0BhpsB_F5fYfa2wIp2ZW-DAZfm2OOubLnhUaYLhU3HLGJTYMH_m8X52BLk5Zpb1mz3qWAd2TM2Mf7A5xwsrnm-sO_Tt-eEyJtYd2h_ANmqQZRhMX8ifWG8D-0aOIVJhmqI40qrXR1VcEs3KEgpLLZfs36iEq_7V92k_MKXvJFIIn3jhLY7rVSMdd4cUeX6LNrVnl-rRbz_f30Bd11C4VqjCDWe-1e2IM6VXsw5sxwpXED-YgiBhC4WwM4TNf1uGV2POOBHNQCyTrkt38CUxF9tZLLly0NhLxFAiJP7lnETTMYW-kjWT4yJxZxfdZSLI054rHtYF7QlEHsMotHQb-3nQJ5CY1F9YG72mEL0rbUp6KGsDW0_0-PktmB3rItNfqv6WsDTGMzhfhwkNXfpJcbptvTvqbm4rQUh-ESpzR_nrFlwzm4SV0tTQbq7MFNpYhO1qayGbvVyiM99jEwT0LWQFBHW36CZi2HJLFijwy20siXEGkVEtxF-i7gyI3xPP4-PtYhAB_iud3MZj8002trtDb_2P1zdVsv58OcFFWHAxhr6MLDqECsbxR48XzGzpShyX0xObrYBvwBS0gzSoEjRBSQOFelUxFkCrZzrZ2sBv1Dcgt6D2SiNjBM5ESmqb3lyiKxEtxck25p1NjWh31H9Wa7zc-l5UlYA9d4I_TEaaUoVYaEQs1yTZl58C4VCEGEBhk_EqiFKpgE9dSMPa_7gK1yHEungultswt4Uf_BvlHxYl8RhyO5IejM0k6FDo7rojkomLFqYAdBOf3ob1xV_7Vnvl2y11SvBBje3Dw_fiXC5zLrilRCt2savbKGXay62SZ-X3GFolSxho0nCtONIeNn4thlSiO0SCiDTa6qq3ZA_9crwwh7WBIPARC4crwUan5WJQkLB5PodhM3ju4kEWAL7I7HeIjbjmymi-zU2GE47JLeQpcb4G3PORxKhX9d_GzlxkrSXnvt0RnRvcDxWiNexJzVwxiFvItn7t7cKA2fj4CHPAcLUx0B_p0JETnun53eEj5MSzLCX9dc9mQbzXcI__r_tqUNUJu97fKyG7OB7N22csE5dhZ4vDMpQU9I8MqplH4Xf4XFrYDW3rBh9CUlzJ9P5AlauTg_wF-Bng2FXZuyWcLIAhzWcFpHeTtj7hqzVs5dx88WKyDsPHnpmxufvoefNuLXdugyuuSRB_NeBGQEi2SwErTI0fSb0oBI2kbHDFpkRwOVrV7UurgpQMDhX1twN7HfGBQ_M&cid=CAASKORo-fw3ay0Lc6HHJYkLgcOIBVJ75nvxnm1CtAN2Kst50zo5ijOcVuU&rfl=2%2Chttps%253A%252F%252Fhabr.com%242%2Chttps%253A%252F%252Fhabr.com%252Fru%252Fpost%252F486856%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:32:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/ Frame D5E2 25 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220419/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 20:31:59 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CD0 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 15:49:59 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A237 0
26 B 68ms
68ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D5E2 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 08:56:20 GMT

GET
DATA 200
OK truncated
/ Frame D5E2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23f4f5bd0cc3ef969143ffc04bd28015d3bc23a39c62f059a62741c24456fc15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 216 KB
31 KB 86ms
40ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0c28a3ee0e841fd740943e6be241e495cfda59e2cf5d64452d3882824a25b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 280925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 31567
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 14:31:12 GMT
expires: Tue, 18 Apr 2023 14:31:12 GMT
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D5E2 0
27 B 76ms
75ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtxDBjR96FaYMJFJGFMuk0llhhJV_1dxJKVK42gwCZ-m4_nhf6H-1EInu7k-CzDzwuCsnZE8zYoQ41itWAG7Sz64L2n86JDBm1NeUqAa6Brg6VjagvuOtxGPDGQ4nuFr1dJ4IMlu_xXjdUQaIMp8TGdOV2v9hmaQexIwabZ335bmL_cDooZShqg15jPT2v7u9n18J92FRK2vKHlTHGZw9czXC49J9wCllacUXoyK-J4O78zVBL9kv2obU2Hf7eBJlmjHZ1lQxlYfem27vLsgcFW3jq2XT2hBcZbTh3Y9hI1ywBP_rdcPdnL2CKfj4rDJfc-PH8PdVoLt5Z1ZiClOY5c2cdJlikdRwUyHEXG1fqxTPlWHNboFD4Qn-JdgCSDhZZoWEbhA90AGgr_UkrP9Bv5Gul021lJm6DPKuR5FfN-yJ81Kc1ds-_c10wq4OYPyeEl5CtJUU1iOILIxO-TAAdb963NnRxsh3_eG-_LjZ2egRT6joHnlY9ijV6Gc7_q7gykrxLSu1_MCxFhudxyXOcxpOc6YdNff36E5AOP8QbpaIs5gZ8ZFRGokzhTyIDEJs9ZSo_6AADCpC9uusM-dCuPOFgckqJs4nuKhqZOOvbMd8lYNPfvTnuEtzAOvnc9D37OO4w1WhxoKN2QN8dFc7qyAaz7B48uz8HXglNR_yMejphz3AMqA7ywEibwyuKPXko8VRDHYV2DUrWxocUJY4e4dHqVu2e5u0XBzcHRP6T5dGh7JA-iN9UfJmzDx0Zytj-ZyrkujNPxhHTZp2XWdYWlhGeBEwIJZdhQb0P8qX97bbA9qK2-GFbxSt4epZJTGOB1yRcMIdZdcOY3xhb-vUG_7e8YsUF2ftEjDLtyIaF9_H_LHK62W96vR5lJ7mQRfib2TbuUDe06w9gkWnxV_0j2Ko2EaPqDGKRiaXDzvQMlijNSDYLk7-Ug1ao-bjmKD9wmt6J1E2FJl7j2tl75OXFS17Dvo-OTF-96v9wiAjfAFhhJTPiwSjQQaQvvYvLSkVhKqlOEydRv0IKFyrDYNRnovhOIN-1yKEdVfQuFUW6g2WMk_W7f2iarvlBQUEO4UhYBYGkdE9tmzdOSfI9_ogaaqVlglHlQh72FHWJFOZksWzoNgdmb123SeF65GBWSp3GuE4WLqef10Oeow&sai=AMfl-YQkrpXVkQlaLdfxP_ppycmwLLgW-C_QpIA7ZmBMU5wcFb9JyxakcyKmhs0ocUn52gHwgWSDqbwDcMy4mDmrddcprFy59xu4tgbYMhd5WK1v7BsTOi7Q3jDeMaDiswo9khmDp-jKtjeYGFqQ9Rc7C4Y7RO7JzZalQQOKe0EKSnBfEmapK2p77_Y7rNRbmYpUtxSifl-V5D2MVPxAgufu_cQyR-kNiDPg5Q&sig=Cg0ArKJSzLe22zgIHNC5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=191&cbvp=1&cstd=189&cisv=r20220419.45627&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 21 Apr 2022 20:33:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame D5E2
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=8387be89&atb_dpuid=adlicious&atb_dcaid=display_kat-audi
https://d.adtriba.com/px.gif

42 B
227 B

8ms
8ms

Image
image/gif

35.156.209.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
URL: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 35.156.209.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-209-127.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 20:33:17 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Thu, 21 Apr 2022 20:33:17 GMT
Last-Modified: Thu, 21 Apr 2022 20:33:17 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 33D6 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?m3yfbg
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8690 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wMF3kg
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DE20 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9BGoeg
Requested by: Host: habr.com
URL: https://habr.com/ru/post/486856/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 290A 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 08:56:20 GMT
expires: Thu, 20 Apr 2023 08:56:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_248.js Show response
s0.2mdn.net/879366/ Frame ACD0 31 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 16:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11026
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Apr 2022 16:39:43 GMT

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 290A 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A22 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bies9jL9hYoaAL7HR7_UP0Nan4AsAAAAAOAHgBAI&bg=!2dql2p7NAAZvJBiFTyQ7ACkAdvg8WjHBA2do7IbEiB5VLS1qYvVwDSIR_JKmflhNxcoLdl3V57yDgwIAAAEoUgAAAAFoAQcKAH8WrQLqQF2V-10cnYjd-9RPeYaSg3WR783eajECopuSLnXQxGS8vWHorjqMx8keCZy07C5vnjCgS_J5_XmMPyRIC_v0GtyL65Z-Hw_vVUvm7AiV3CNyb5MMbC4jwwPuzQJ39wz-9a71JkNgysVNxbYHqKl2sGmfo0WK6Rp-O5APmQL4FpMfvz0bBtMWNM8RYHXVjzENYqf1J4AS34Iy5kU9XCmKpXj_HCGOuy71buPZ5YGyOyaidimE_czERD-P0oO_pAV3njMCi1SMlJlNctq3OMJEdU_9BV-ZluznymTVeNAua2r1hRqin6l8rJOX07jSnFDtlQzDDIeDtKcUPXWAXtUuH5L5BOKhwfUfX5iCF_6M3WfaGPhSxOZMcfuQqTozzgcc8KLsPIcjubA9R1NSkpLyDu2uHx8_X_y8ymNpaaPp509gWsFuX4fGXEn4IiJHCyA0alF4VqG2HaFc0_9c5ErxP7wdqm4zKKnKV5Ail3eJOEjgjW_kBF7rwAq84CEDWU186mWKXknOzjOms9hrwLoZE8nCQk5e0v8Pmb-nuJREUQrbVLeQoUW2SvbZ3lshhaa4TzW99uwhtQYGvrDqgFRM-j1kGVl-rBxDP32JkbsDIYcHvlTzDfkroJOs1Asm3dhfiD99YFO6HsqmPU5GFwzL6kjd8-H3CICGt7_E6_Gn0a30HOYIqPVeg_M6wmCHETbpsIZ_AcjUbImFEy_KUjXLE9Ea572NtKYKS3S8Aa9SyxdydfdiojxGbIm4SdtoXXLmLgfJvHxNYK2b2sBFjAzFVlr0fHeIqkJNZTd1p7Dz6np9jcjVJYs_Qp3z3mp3B6AeTFV4gtu-m9UTNRo9cjNm_zFMzYP8RJH57_vn7drjYcjkJbI1-zeoencEDrMYhLkQOY9Akc9rz6-_vYk2W0RLgSdZYcd2qUb6oo-olNvubyXpjuZdXFYGqu6aNFZdjq3vu5k9yDzlcKFB_Jhhm_U5jnzT6XWYETG3WBr3AcKvsQdQJ8qI002raXinnzMkrg-MAmC5a5BxThbCXRdIwbJ9E9DTuQCrmUQrPwW3N1Z_tjnd-Lhh2cFuPfiQ9_e-YuUIMbtHRZFmn0K88b0gbMaMgIlPTn2hcl5T0XqRz2306m7RhsX7gxMDHbhUdagHrQLEb4ct8aNL_N2GLFqiqQJNMzOtjfU_vA

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D5E2 0
26 B 69ms
68ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtxDBjR96FaYMJFJGFMuk0llhhJV_1dxJKVK42gwCZ-m4_nhf6H-1EInu7k-CzDzwuCsnZE8zYoQ41itWAG7Sz64L2n86JDBm1NeUqAa6Brg6VjagvuOtxGPDGQ4nuFr1dJ4IMlu_xXjdUQaIMp8TGdOV2v9hmaQexIwabZ335bmL_cDooZShqg15jPT2v7u9n18J92FRK2vKHlTHGZw9czXC49J9wCllacUXoyK-J4O78zVBL9kv2obU2Hf7eBJlmjHZ1lQxlYfem27vLsgcFW3jq2XT2hBcZbTh3Y9hI1ywBP_rdcPdnL2CKfj4rDJfc-PH8PdVoLt5Z1ZiClOY5c2cdJlikdRwUyHEXG1fqxTPlWHNboFD4Qn-JdgCSDhZZoWEbhA90AGgr_UkrP9Bv5Gul021lJm6DPKuR5FfN-yJ81Kc1ds-_c10wq4OYPyeEl5CtJUU1iOILIxO-TAAdb963NnRxsh3_eG-_LjZ2egRT6joHnlY9ijV6Gc7_q7gykrxLSu1_MCxFhudxyXOcxpOc6YdNff36E5AOP8QbpaIs5gZ8ZFRGokzhTyIDEJs9ZSo_6AADCpC9uusM-dCuPOFgckqJs4nuKhqZOOvbMd8lYNPfvTnuEtzAOvnc9D37OO4w1WhxoKN2QN8dFc7qyAaz7B48uz8HXglNR_yMejphz3AMqA7ywEibwyuKPXko8VRDHYV2DUrWxocUJY4e4dHqVu2e5u0XBzcHRP6T5dGh7JA-iN9UfJmzDx0Zytj-ZyrkujNPxhHTZp2XWdYWlhGeBEwIJZdhQb0P8qX97bbA9qK2-GFbxSt4epZJTGOB1yRcMIdZdcOY3xhb-vUG_7e8YsUF2ftEjDLtyIaF9_H_LHK62W96vR5lJ7mQRfib2TbuUDe06w9gkWnxV_0j2Ko2EaPqDGKRiaXDzvQMlijNSDYLk7-Ug1ao-bjmKD9wmt6J1E2FJl7j2tl75OXFS17Dvo-OTF-96v9wiAjfAFhhJTPiwSjQQaQvvYvLSkVhKqlOEydRv0IKFyrDYNRnovhOIN-1yKEdVfQuFUW6g2WMk_W7f2iarvlBQUEO4UhYBYGkdE9tmzdOSfI9_ogaaqVlglHlQh72FHWJFOZksWzoNgdmb123SeF65GBWSp3GuE4WLqef10Oeow&sai=AMfl-YQkrpXVkQlaLdfxP_ppycmwLLgW-C_QpIA7ZmBMU5wcFb9JyxakcyKmhs0ocUn52gHwgWSDqbwDcMy4mDmrddcprFy59xu4tgbYMhd5WK1v7BsTOi7Q3jDeMaDiswo9khmDp-jKtjeYGFqQ9Rc7C4Y7RO7JzZalQQOKe0EKSnBfEmapK2p77_Y7rNRbmYpUtxSifl-V5D2MVPxAgufu_cQyR-kNiDPg5Q&sig=Cg0ArKJSzLe22zgIHNC5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=428&vt=11&dtpt=237&dett=3&cstd=189&cisv=r20220419.45627&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: habr.com
URL: https://habr.com/ru/post/486856/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rtrg
vk.com/ 49 B
488 B 127ms
43ms Image
image/gif 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-421343-57vKE

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / KPHP/7.4.110888

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 20:33:17 GMT
content-encoding: gzip
x-frontend: front220206
server: kittenx
x-powered-by: KPHP/7.4.110888
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 65

GET
H3 200 cta-arrow.svg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 259 B
226 B 42ms
39ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/cta-arrow.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da3a0ac775c42809d0bf8f3bed1b220316b06eff37728ae3ba40521636f95cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 11:18:25 GMT

GET
H3 200 cta-de.svg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 5 KB
2 KB 42ms
39ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/cta-de.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e72af079533476d9df4b500773b365829426f61c161d89d14a69e834c15504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1724
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 14:13:03 GMT

GET
H3 200 logo_1.svg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 1 KB
633 B 46ms
43ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/logo_1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96119064d95089ea3b05b0286ea95fadb53531b009d6ce88105511b2cec992c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 14:31:14 GMT

GET
H3 200 h1.svg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 1 KB
789 B 46ms
42ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/h1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

910f5bf4574b628987e9e94bcb8c1aa122d56e604b39d0c76e33e2a66c679a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 06:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 569989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 760
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 06:13:28 GMT

GET
H3 200 sh1-de.svg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 8 KB
3 KB 118ms
114ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/sh1-de.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71dfef3c3cfadcdc0dc8c627cd5e2e81097d4d5e51a028792118168eb534114c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2839
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:13:34 GMT

GET
H3 200 img-audio-right-speaker-top.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 3 KB
3 KB 115ms
112ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-right-speaker-top.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

170ef0cfd67279d23ae86d3913fe9e6fdb147677300642ed75593e235a306173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 07:04:51 GMT
x-content-type-options: nosniff
age: 221306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2780
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 07:04:51 GMT

GET
H3 200 img-audio-right-speaker-right.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 5 KB
5 KB 105ms
102ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-right-speaker-right.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27e345f3e039d1edb18c4be3bc9ad0eff5b666cfbcb2a67abf418a6776db9b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 07:04:51 GMT
x-content-type-options: nosniff
age: 221306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4659
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 07:04:51 GMT

GET
H3 200 img-audio-right-speaker-front.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 9 KB
9 KB 109ms
106ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-right-speaker-front.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48564375967ffe7a80aeff3affbf3b9e8c9abff8209b76fcbed209a1056792c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:03:49 GMT
x-content-type-options: nosniff
age: 376168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8824
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Apr 2023 12:03:49 GMT

GET
H3 200 img-audio-left-speaker-top.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 3 KB
3 KB 114ms
111ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-left-speaker-top.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb104b6c5b45ef1e018a7458aa58ae356743fd643e1be556103f6c277e996f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 19:04:36 GMT
x-content-type-options: nosniff
age: 350921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2724
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Apr 2023 19:04:36 GMT

GET
H3 200 img-audio-left-speaker-right.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 4 KB
5 KB 102ms
99ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-left-speaker-right.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ee77c7cb19e9fdfae489f0bef102d888f1fa9533d6b19b90b45c8e012e098ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:09:17 GMT
x-content-type-options: nosniff
age: 318240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4604
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:09:17 GMT

GET
H3 200 img-audio-left-speaker-left.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 4 KB
4 KB 117ms
114ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-left-speaker-left.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6be386973574af69022abceb32bc081065930b3b0c5afc0a7dcc7aca5e49437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 06:05:33 GMT
x-content-type-options: nosniff
age: 570464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3854
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 06:05:33 GMT

GET
H3 200 img-audio-left-speaker-front.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 8 KB
8 KB 46ms
43ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-left-speaker-front.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6f08d1521811dc1fc61e7f2d29335fc1a085a8ffee41cf1e044fcf65ed55d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 16:38:42 GMT
x-content-type-options: nosniff
age: 186875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7818
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 16:38:42 GMT

GET
H3 200 img-audio-cd-tray-front.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 1 KB
1 KB 52ms
49ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-cd-tray-front.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90cd3e96b77162a049e3cfb7d257b9b310da9735742e80decc27e8c33596dfd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 08:24:13 GMT
x-content-type-options: nosniff
age: 216544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1427
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 08:24:13 GMT

GET
H3 200 img-audio-cd-tray-side.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 1 KB
2 KB 52ms
49ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-cd-tray-side.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8db52968dc366755178474c462ea1a13ac6e50e8f215e63e50e929ef8dd276af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:14:30 GMT
x-content-type-options: nosniff
age: 281927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1527
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 14:14:30 GMT

GET
H3 200 img-audio-cd-tray-top.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 10 KB
10 KB 89ms
87ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-cd-tray-top.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2a9678d4c0a38d19194e88b159c8aff1cfe501496ff849bfcea5fdabdcf6a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 14:20:44 GMT
x-content-type-options: nosniff
age: 281553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9932
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 14:20:44 GMT

GET
H3 200 img-audio-cd-tray-slot.png
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 4 KB
4 KB 65ms
63ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-cd-tray-slot.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a4520a434183203044ee4ecd7f193ad1ff7359492be3019fad4a39ba4853ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:07:31 GMT
x-content-type-options: nosniff
age: 293146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4384
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 11:07:31 GMT

GET
H3 200 img-audio-receiver-side.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 7 KB
7 KB 87ms
85ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-receiver-side.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c644a2b8c044e3c7c8917bdd7104dc22c7b95f09b17cda70df7378caf9256ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:09:17 GMT
x-content-type-options: nosniff
age: 318240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6709
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:09:17 GMT

GET
H3 200 img-audio-receiver-top.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 10 KB
10 KB 78ms
75ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-receiver-top.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6497b021f4896711cddee0c9da0b50b74f105a4b096e47138a9944c3a17bb239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:39:25 GMT
x-content-type-options: nosniff
age: 291232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10274
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 11:39:25 GMT

GET
H3 200 img-audio-receiver-front.png
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 16 KB
16 KB 68ms
66ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/img-audio-receiver-front.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cba6f892c14a2cad2b724eee62914817f04f675e93f0f827552719891f57af8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:09:17 GMT
x-content-type-options: nosniff
age: 318240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16206
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:09:17 GMT

GET
H3 200 bg-300x600.jpg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 22 KB
22 KB 52ms
50ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/bg-300x600.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d1693a1756d6bf18963357803571814a400b435d7f6cd7099ee15942ae5c9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 18:26:07 GMT
x-content-type-options: nosniff
age: 353230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22630
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Apr 2023 18:26:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CD0 0
20 B 76ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8z2mjL9hYomBMPqx7_UP492YiAEAAAAAOAHgBAI&bg=!JySlJGDNAAZvJBiFTyQ7ACkAdvg8WggYykhWo7-bTbAvdol-GyQ0ch2jvt9msF_ZcS-6eHQO1Zi-ewIAAAEgUgAAAAZoAQcKABJOPxYiEXSDDn94kOxEcrZsMDKZAvwC_d7YDwGaU_1a0XNto3HWZx6p3PgFObQ-R9fq_PndaTCUobQv7a1SNf59NEVXaAAJUmQvqQuDhDlIltfgLUPQ9zacVHOAE4Mr3NPjgshnfH6ISfMPdyOIBIN1f8LN6J1ehioRI2FmBCHBbySW_LPR2ULCRG_MJvrf5wMUDA1tTn5triKKT7HBN8d9GPy8SNYA969s5W33ynHnIIYDT3GwUK_YAsq5ffKTWiV7Y1BEFI8EV9Znir2l3z9LlNaNYH8ZF0FuQSWS4cfBYKm0SOqNqvJI3M5CksHKq4wv90ok8nDN-YFXFjoe21zG2PiFzGoTvh1KFbIlvIvxu7KmY_LNkbpfS0UscCC0NcicrXWGhWbf1hWbnFAxYOYplnAmEwpFXmaaDGmVHMPoMdUg8PVLQl1C64abxUW277s_rj12QAC-YVCa1jBxvd5J8LMP0ZXEeKKF8wMbnsVoJmqPD-nvuclYqJu7_O3wWirp7Sz9WPGhNZIw2uqCGK5xQC1K0TbgGKKGrxSl4hpR42BDaIXMZw-Y0POZzrZb8eanXqTDpFhW0F7yvP2QRkzvSAzEHE-ABZLK1Net9QwAeDI9LuLVV8e6PgvmFCJ0fO_Ok6D7DMrUgkohFkZnCTzhMfJff0ZBxIQ3K66dzvB6vfv64B10XneDHCFVp0H_CEzKdeBjVmvSFczY4k9R4hFtTVqkRiU_KCgge9f0HmahyYf44Y2yGLghj4C24fbsVySi4RD9t_Y-yCWGg8hoZaqooLX9K7etJc6VsmvF0scE8sh6ljTWJ1Ptvqh9E8GlAzRmvqIZ_Ago4uJsNVYUHidsvGT_XeHjSp_u6a49IaA4KSPeuxVYg_uzRoQdBBwbec1CSbb7A1Mh44kZzptVD5Pl9-dHBQjCwefhRjFAU76-Ib4fVPDgTUnh0kBOaxrBQbbncd0FhGQ0TM08AdzI7F9U32eGThrYCo0CuuAs6Mgm9GYCdiOTfFINlxnUJ4iphsDAvQq-tROmxFtNgM5fhJcY5w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 290A 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv3yujb9hYun7EOORjuwPlfGvqAoAAAAAOAHgBAI&bg=!Dg2lDUnNAAZvJBiFTyQ7ACkAdvg8WkN9DRCphaXwhLsbbWlVmeXLc-iIB0_WCgVrb_pNzjYFy-bYTAIAAABQUgAAAAJoAQcKAIelJdT7pJTj2SFOnmfVSFin9RttADP7Nx_Owlc4YiPP-2gWfKCHVNc3w-pFNC00nGBZQsjHsaOUrrbWA3brSLiLW20O9vktB9Q0sF4tIk9GIW74HWyaRX63kxSoRinWOvlH_N7S688mzZBZqId-_AawnFqIMBzUzbWIjYVIkykBjMaaO-WldY2ZAvBgYdtC_jzsqD0nzWq9iiTsrXbqf4c6FZs8LS96ALsfSE94-vwIzWTCZgCqqoo1Dp_tmecu73bWcNxAB7Xk5xqsQ8cUp2_ulIUo97DwxcygNNvNS1C3jN6xdMPYFTiSTXPV0uEwDepFqqlrCSD8_bcZ4PF_eD1qavsbOX4tOckqaAVcRFke8nYWTVsTjlBElpLcfacRLcDDLlZWiusD9xmoZYUwwEw-7rnIDYH7BZAFvAI-CTueG0XUu0QUc56sE6hqDty5h76hcEYj8Hq6HMKnWw0Zg-1Hm1cOMsKBGlacsWzzGmlEPAHzcjuP2iTFgU_Pvp29u4Dtb_HfJ7WEU6GhybJfg5VC-I7MjFtmotHYEb774staTIRcI-jgE_Mb1wLMqPiAGM4l_U2kv2O5MznAs7GYYYy_Lk24Q6zEADZBUL9ces8_H8v8bt7qEEWaCOjgboPGy12JXBQGrxXgRIpjBPzsmfGQWsWmkMy0CAaRu3KLISUwBIHAePtqsn9WfdUesAfIkDjtN9JigmTerY2tLqdfKxyH6HV1Fttmq2NmxKKNQS1ZumSfgbaVPY_2buZUW4P_gyDXhVeJvILHwRvnKNIAeX-qJZpAvTHASBNVEFbJ25um-TVtz9kJ58aOxqbZ7Yy2bNJtaaQ0zTchsKhLrDS7Bvz5Xtm0o7SoxId5Ly0gTP2rgj_LCN4YFqH3t876FuHyXbvdJKwrHwvUwUpZfzLs6j9b7od1RJwWP3I8LpQx14cT7aWRQOxlTwqBWQH6R2yEeXXYxlwz7warSqZYQ62aKfaCpkqGsklzucEss2EeT6ov4HxHFM328TuuMoVv4Bw-P9vcXdohwpZkSCxk_ej9Rsh-H9vXbvEYnaXX8u2wUFErM61CS0w4dt2NGKRHnshxgSEGf45wzwGxbcVqMwyS0Hp3OxFQjB_TNo5fde2kz9CbA6z_iaWNEnAdCmKCwfAZ9nM6njSsLm-tUJSP9VKjKnBXzY5uWbGm6jJnuQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame ACD0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sh1-de.svg
s0.2mdn.net/sadbundle/14179386794843901602/ Frame ACD0 8 KB
3 KB 39ms
38ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14179386794843901602/sh1-de.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71dfef3c3cfadcdc0dc8c627cd5e2e81097d4d5e51a028792118168eb534114c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14179386794843901602/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2839
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 10:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:13:34 GMT

POST
H2 200 24049213 Show response
mc.yandex.com/webvisor/ 43 B
145 B 31ms
31ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/24049213?wmode=0&wv-part=1&wv-hit=627260188&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&rn=326133087&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1650573198%3Aw%3A1600x1200%3Av%3A790%3Az%3A0%3Ai%3A20220421203318%3Au%3A1650573196135639588%3Avf%3Aa8mjecangl5v275zywhk%3Ast%3A1650573198&t=gdpr(14)ti(2)

Requested by

Host: assets.habr.com
URL: https://assets.habr.com/habr-web/js/chunk-vendors.95262fce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://habr.com/ru/post/486856/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:18 GMT
last-modified: Thu, 21-Apr-2022 20:33:18 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://habr.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21-Apr-2022 20:33:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 708A 0
0 82ms
82ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=825672408674588&bg=!DQ6lDkrNAAZvJBiFTyQ7ACkAdvg8WkcvpQuxdpAcQ0IKMv6tzRxmP6x-IdxoK_ndYkIZy03EcwP-hAIAAAE9UgAAAAJoAQcKAHpXjVU4VmrpOSmrDwjVm_gUY0ovEYsOt8-VTm64w3zxtD_2IoMm5VsjvoUo2yZMxYAiGPMK_L3RkBEa69eoFfk3Vs5ZdIV_4XITVDwvUTL9s-WhoUfF01wmBez-EL06L2VuCIzxqTGYNnW0o5d0Dkx4upVyBcm_HclYKpkCnKlj3iXilnLbv22L4jcdg-hgT1MzNRCQZb8I02AjYjfXCcq9t7v0sqF9QJkzgDcvKzwqj3RpRQiys0Y_OcA-0d6K47SYhWhOl8N1-dIchsUREy-RpIk4fzwio_P0JXe0WQ-gPOezF9ai9xIb4KdKArkFQ6NKXKOXqKtD7j9_qMF5xETE5wHeTd2Rt1dQ4QT4zl0SET0-9Gl1D6dxP8WwIqEyvKUrqpZ7dyiJ7FQiKZqje2m28T__Ri90QSpgRds9-MB6MhMj3rTC5LjjhcC_tftzHyZZjILXy1xxB1gGhfiZfOn5riFamrwUadPHr6-6h4vOm-b1tXX3tRg4ghHpR7HjwPdHjHjGa80ERDPX7NGS8FO8AZanH83ku1NrvEmkmH9PFWNLDO6_d79LR8IXNk2OCR_BFZ9mt5gkcx_hl1bgYmj5cMcZE1dcETIvRaVR33RsW6Au09OH9RJfDfwdZWJ97CkECXZdOAluJ5vkAKTtbZlW-95PbdzHy67Hn6m5BqqIhktUYN8nXD8S9ftml3MnJXKsrfMoWhFlw7CDV-mo86J_jGBZS8scXQxkE2v_Xa1ZuYYJr31_o2FBYJxmjIIE0ar6bJDbnn7Is9Xo3qaXjHIc8G749J6yVPVZLlkGv8dHURhSd4U0Px9nAv4cuyqGfEMo1ZKtMhbcvnjCHUSvm0i9rEaCuituyOmrluN0HZJK-6T9k783tRs4S2C9qSHuhy9upd2qSOodM6qJFTqYGIQFPq4oy2RE46NLtqfCjznHNgoIwk8d2ty-newPW2D6duCaXoLyl5t_1t9I7D0QKxP-ldrrJu7_pKvdSqVR_UsbcXNUP4RY1ANhuZqQrTffWUPl4cLqIyFFVPP3k14Zo0ZCPo4ct7a-JlF7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E14C 0
0 90ms
89ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=1717448534201291&bg=!UlGlURXNAAZvJBiFTyQ7ACkAdvg8WrxVvPg9DcEi5zxN5MVnSZ0iPyscByCuMir-F8UEMuXC4Ak_GwIAAAEzUgAAAAloAQcKAEnJ_NMqtCIYNBhUZZaPrkD2VzP02pUgfwdm-fYAsVlU44OU3_z-ZFO7tH9aJjT1-obxdrflS-kCVSxQRBEAJiEzTuLleeX6SVYXmQKs78Jp5GnN715ybaRaWyUHZlWJSuBw5LwZG01IGRfSLtfnNwQNkRW2KnzNRFbr-2Rih953Ikqr4THp1JgCkFwmuGyneLJQO3JMkFzScJ1p8k74V-x7p9pXXZKLCEDmGE_boq4RK4bu0knhb5YQkRUrRx7xSSF_SaI5zusd6idAw-riRRwRoglT3G2slonJY-kJBjj_w3I8N3z-vVtL-iFba5lkW7B7-xwdvWfKoEAo1o2bHxv4MvIZoByezb6iyU3M5Vj4VjOjBYeUCqyye_scSAq7WByPol0_3DrnJyBv8oN44vVueWsPM3Mk5Rpt53gJAwmpPNTky5i5FzDHycb7OEnXm5yz3v2FqnZRgEa6knxUbZTTPfFpJuLLph7tuToP8UKn4hK-kcJNrzWCMQlqTCOh1HC9Ij1IpMuEQrHwq1ErIsc_GPxuYMPMqBg2I6iBuFDmHCoNWWfwl7LhcHJwzzN_vSeVxmziQeFNcWhhcz3o5bcdZR9y8CO4sC2hMMSgB6pmlK9_kLnmrvnZbTxheDIXTDASKdF_y3OrCXoFhE-PeAfOuV9X4ArEiUTBnWJxdB1ZYSxvyfZH2EAbv3VIPspMsbu8g1e-Nj7i08HUHclOqBh0Wq9-o6oQHLiQnGyE3c-ik0UpXMUnZC6Udz8qDaud36KpoBRP_G7ShG8kDg3plJjVYWcR8FltSQYV0ggHWvd5ak8QomxVOR6eY3PbcnsWkkt1LoQ5clhNmByf_59YPiMsfX2A2K7VoR_UbG8chFuzvyIsIqAe-ZFKZXsK54MyLdX9YZ2nKGinlm5PkW_FhvKHA6mhNBW1H9__SePwGVIwCebBY2Dkd5hx1pVZipJIa5wbWkzxYH4wyckbe7W21iQzU9LMzgPfZ-0sL5ZbDXwek5-wgJH1aDux
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D747 0
0 107ms
107ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=877337711169517&bg=!2tml2Z3NAAZvJBiFTyQ7ACkAdvg8WgEc8glioPlx77GO9uICXrhWLeSB_05f1JzF1P3WVQkZJmAd6wIAAAF_UgAAAAFoAQcKAPEapnjD46pIRbkEraUKcbtznNl1awhWxLSG5UCAVhbjBSZ7n6aiVvXzUd2rvUkjZO7KAHryuZlDR7wui7PL3FULCM3YNIx_aEBOsl2ofyaaQfvjgeJr6xf7hxWhI2hLcp0QymldIqwHU9QaeMH5b0BJzM3fYoJ_5GpuqabzGP1FuMcxnqEwUKhlkLY0-bFpnav8yOjEsi4dibYsxI3GgBJuwq82TlIukZrvRhGI2OXAvbKtnhFDJrqzlOY6Tl4rsAsXsdA2hu12HFG8kSJhbR8osOgBeF9edWuRsgLasJ4VQjxfr0eRtgdO4VZIfSpmwwPlmQKoth89OkXIppl1JbB-BmKIQ5P9N6UnXjcPSuQT-y3RJ1OBgG0ZTHMVSsgnw7fG2TGrBF8pxUxxspZjuzAeQ3gTKj_2PDpsoywo6x6Px6ACdcP-KvMU6sv7uoz0t8iCw1BOk9WU0Rd0ANtYInsNp1tan8v-9A8ry-yornu2u9Ki4-eZbWmRg1GeaIYOVUSwJaSlJeEpexk4HwchUt7QTy1rEryZXrOEl6ApbnjFDO5UebSsIJwwIeHXplOUo9-BYC_ADb0QE9ukWyaiKwmsptjBArCmqRvxGzgw2lFcfHn9d5Qllae7U-Bq86Z3jmdumt6mdYX37NZlc-Tjrjd0HTrCtsbPtdeXeKVg-3zv4H7RQZDXGdGX7iB2Jub3MbHgcQCsSLSjyd9yb0asMi-ExgBpK2jySkYWlj7lslwnRogru59AuKBn5tPeV5qkvppB2EAwtdYmRaO2vsgOTU5HtbvSwd8LHB92P8Qj8I5PQWmR8rtfpUgwCtdaGybp_scFC2-rgKOaJoanNGm43ZzTPWbMJW2VUA3UA7Zr-i2-jlgSaIKp7hUlP3MYQ94vVf2BoyzrfNInhhuko_36faztlQ0W6HuXykUOvCacnsW97waTQnT4Z_t3qiOynj3s3jFfyMl5bazI2oj37jhgXr--oqYxnOSE4fYc8FKcLy7K51ZYlsyEooQ4q0Rj-uTRahRlsEEPf1R_jDmv6jMBXb_GzBIjeAnTkCURFCKo2v7PuvNIusuqwAZ_1QKlLJq44WFEBiSIcWV6gufqzOTxq7iYE-IrrpptnodsyB5wWGzzc21irU-NLu8y4uB493kAMGvk4LhWIOoCLWaAaUSmYJtD9vv0mHnT0bcMUu_7pkqxIowR62-4jBKa3TjgOheRCqoyBHRTK6fNxkuR1W4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/406261/ 0
66 B 62ms
62ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/406261/event?pm=bmn&rand=ioapthc&duid=1650573196135639588&ad-session-id=2856001650573195811&p5=lenpy&dl=https%3A%2F%2Fhabr.com%2Fru%2Fpost%2F486856%2F&utg=oxum&lts=fixyqil&rtb-si=b&ytt=116000087474181&hash=4181a2b699e05378&ybv=0.571603&ylv=0.571603&rqs=i393BPzVhAmLv2Fi4fNS7EnhHCLp10_H&puid6=ru&puid5=%2Fru%2Fpost%2F486856%2F&puid4=no&p2=hnxd&pr=mxhtwdp&puid3=h_infosecurity%3Ah_crypto%3Ah_it-infrastructure%3Ah_reverse-engineering%3Ah_video_tech&puid2=f_develop%3Af_admin%3Af_popsci&sj=L2jiJGGaxuJuw3BsMvVlTw1GLoiOshTlLonqgXuXgWqW5v5W5ptwA51CZTe8&puid1=post&p1=csxvg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://habr.com/ru/post/486856/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2022 20:33:18 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A237 42 B
64 B 155ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvWOybcsAL7Yxbc1HHgj3fc079T3Q_05so5dXaUmtOJxDobLcuNntDBk64lDCQmC11-p3g4JHzwv2NFZDu7KRbSbZ89Xj3kaZURzENsT11jOCr82Q6Nw&sai=AMfl-YT-gWA4w7t-KGtZ2TyQR2no5dsUHxGdonZZEXsDZ6QCrb5aU11TJgUSUkfx9V4ax5CpMg-Er6gObg0mB1b9ybnwi4fbq7n22IujDPj_ej6jn_0Eren27XvPYbFn3nyq&sig=Cg0ArKJSzH0OoOPK-CCmEAE&cid=CAASKORorBtozLmd72HI5zk8LqcDAAGknAt4mRL-6KLUxNp1dg_9xESMFhg&id=lidar2&mcvt=1000&p=133,1048,733,1348&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1652858509&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650573197041&rpt=420&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 20:33:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.habr.com/	1970-01-20 11:15:09	Name: _ym_uid Value: 1650573196135639588
.habr.com/	1970-01-20 11:15:09	Name: _ym_d Value: 1650573196
.mc.yandex.com/	1970-01-20 02:29:33	Name: sync_cookie_csrf Value: 1444250296fake
.mc.yandex.ru/	1970-01-20 02:29:33	Name: sync_cookie_csrf Value: 1544916291fake
habr.com/	1970-01-20 11:15:09	Name: hl Value: ru
habr.com/	1970-01-20 11:15:09	Name: fl Value: ru
.habr.com/	1970-01-20 02:30:45	Name: _ym_isad Value: 2
.yandex.com/	1970-01-20 11:15:09	Name: yandexuid Value: 8575768151650573195
.yandex.com/	1970-01-20 11:15:09	Name: yuidss Value: 8575768151650573195
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1170137251650573195
.yandex.com/	1970-01-23 18:05:33	Name: i Value: R95h7vg6bFZG3wMGHfumk7rlWSrimYVwQTqSKLu1j94yLZu91AU1kP6uJTe2iVFzfQ9Y49mZXmCAwfPO2QzTVUiFYlk=
.yandex.com/	1970-01-20 11:15:09	Name: ymex Value: 1682109195.yrts.1650573195#1682109195.yrtsi.1650573195
.yandex.ru/	1970-01-23 18:05:33	Name: yandexuid Value: 8786791981650573195
.habr.com/	1970-01-20 20:00:45	Name: _ga Value: GA1.2.1444583167.1650573196
.habr.com/	1970-01-20 02:30:59	Name: _gid Value: GA1.2.826282058.1650573196
.habr.com/	1970-01-20 02:29:33	Name: _gat_gtag_UA_726094_1 Value: 1
.yandex.ru/	1970-01-20 20:00:45	Name: i Value: iC/sp+urK5sKtgs1lYbMF9HVqadQnrgP4SEMJj6e+yi7VwGh//7iCqOJwSFkyp1tEJIH/4uy8rBJdJ2o01q38M1ACiU=
.habr.com/	1970-01-20 11:51:09	Name: __gads Value: ID=b179513b8b5cfd54-222c88657fcd00fc:T=1650573196:S=ALNI_Ma8htNSPr2tksSGjzHoI5-4WTCCFg
.doubleclick.net/	1970-01-20 11:51:09	Name: IDE Value: AHWqTUl7vS-iVnt1FkbEQDgw2iMZQNNQkiprT3D_zzDRAfZhg8OQCjyqkya9kyf1eLw
.casalemedia.com/	1970-01-20 04:39:09	Name: CMPS Value: 3271
.casalemedia.com/	1970-01-20 11:15:09	Name: CMID Value: YmG-ja2aCQVkHRS9cFGWswAA
.adnxs.com/	1970-01-20 04:39:09	Name: uuid2 Value: 2445107378890475869
.casalemedia.com/	1970-01-20 04:39:09	Name: CMPRO Value: 1138
.casalemedia.com/	1970-01-20 02:30:59	Name: CMST Value: YmG-jWJhv40A
.adnxs.com/	1970-01-20 04:39:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C'$Clkep!@wnfH8K6pQK`!5=E<*L5>xj'gOQf!2G>@80VgqH4>)-vm)An6?8!_8lPR5OP(hw9P-HC_#ttze)vgS/
.casalemedia.com/	1970-01-20 11:15:09	Name: CMRUM3 Value: 2d6261bf8d2760CAESEM6nFVwdm3pqMuQcZj_clzA
.adtriba.com/	1970-01-20 20:02:11	Name: atbgdid Value: 78e0858c-382b-4619-ae7b-27c0ed1102b3
.vk.com/	1970-01-20 11:10:47	Name: remixlang Value: 6

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9615.vE7zjv14TSRTsr9y5MmifkyGQ9VsgMvk_pSpoI80SyF6zoKJpFCBf2nPts0tL9SDdv5hKkpPn3liYq7PtC1nAg%2C%2C.DerTc1DbVa8To4PLWezF-HT6p9o%2C Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1154fe4e8d54667810edb94c2517d4b9.safeframe.googlesyndication.com
247de0b31e823660dc5b9caf0767754e.safeframe.googlesyndication.com
4ab9128815283c15790dc1b0e3118d6a.safeframe.googlesyndication.com
ads.adfox.ru
adservice.google.com
adservice.google.de
assets.habr.com
cdn-plus.roxot-panel.com
cdn.skcrtxr.com
cm.g.doubleclick.net
d.adtriba.com
dsum-sec.casalemedia.com
effect.habr.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
habr.com
habrastorage.org
hsto.org
ib.adnxs.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
pa.rxthdr.com
pagead2.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
yandex.ru
yastatic.net
142.250.185.162
142.250.185.66
142.250.186.98
178.248.233.33
178.248.237.68
2001:678:5e0:1::28
23.35.236.247
2606:4700:20::681a:da1
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c09::9d
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8:a::a
2a03:90c0:41:2801::254
3.224.1.22
35.156.209.127
37.252.172.45
82.192.95.170
87.240.190.72
016100f29d506e36544c694b9b641911eb00d6e85921679069cfae0004710f37
01d6a5dbff8c5f7b15325bc17c898e5bc9c8696c18cf718dd3a6cdc3463b6589
031d9dbbbf6050bdf38ae317f84f31144e81f14ec4458167eb458e2c978e93d0
074751e65cde4fc96246c58b15eeff1f44029e8efd1719cb287e2491a4423f6c
0779c093b7f7e4671185da22df26d7cf82c0a86c75bc85aaeb1c8ddfbc5838c5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fe4242b8d91588c53f085740c3c7114705d60051ce3deae81c5edb5362795b4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
170ef0cfd67279d23ae86d3913fe9e6fdb147677300642ed75593e235a306173
18e801f26d49ff58918904ebcfbb21eae63853147da1fa4d14f7c0f67d6e38d3
19cbdda37bab9197a017c5b339a9d06f16b4d387399b759585908b0cc5a4769a
227faf50fa291442cda366a25d3496ba241f0b8d5d2e8dcee1faa3924c6a8ee7
23f4f5bd0cc3ef969143ffc04bd28015d3bc23a39c62f059a62741c24456fc15
257c36c929b28adab9ab3b304e0dc3b26ebabc49a16decc69427cabe7a6f3f63
27b1a87d5263fd3e969526b48e37d2dd4e3ee38993791ff97d8aab253b8021b4
27e345f3e039d1edb18c4be3bc9ad0eff5b666cfbcb2a67abf418a6776db9b43
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2914fbe27722d8c2d831724c23af9f5f19df96f957c30b1a47ce66fadc529983
2be7d554f2f37e9fd7b5801b2c30ba2e36aba0b536127725343625e2297484db
2c533d4c42ceea0c4b4edf0a0969b5281164b0a8e17aeac43ccc0a3618babbed
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d1693a1756d6bf18963357803571814a400b435d7f6cd7099ee15942ae5c9ae
2ede6976501513db0e5ca2050a085c96cd8d8e56c7f506b61b31c91500c633ba
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32a61af3b5e0e4720a286fa070b461d7d518900f5ceef5e0847f2b7d22302e28
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3620f56da7826ffb2eaa6f8e198e0f594127671101a35b39464af290377dc8cd
37712c1f122ea1e3c967df27fd2926d373d0a79501d3a6c30a99727003cf3c66
3af77532a166a8a1d4af72d9cb9523766b4f2f7e1c0328d4f2f2d45b6043cc05
3db96fbc9afa902fe4b7a1ebc78f18fc094b62e5a86be95d3c62174779228082
3e4d31e1511fa14b9a8ede89c6b27eeded63c239f335b6a041c288d65f1284ca
3ee77c7cb19e9fdfae489f0bef102d888f1fa9533d6b19b90b45c8e012e098ee
463b2b94f2ff9170e8f63d5ce05a15f629c1727a8e800ba79089daf4eec220d5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f8035ea35742dac46c45760acbeaade246417556c5a5019461fc3398a10e26f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50cd0e88cfc485a784f37d17bfb729c136f182f884af91eddc5b6efcbc553c9b
51fe4b00fd4c56f1fdd02998ad853b583d30f1a21fde1df0acb2da79372ac91f
53e7dc5da3e94b0b64feef602b3251fa45e974526e70502b7bb19df504ece774
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e65b34594acd80db8f7c4eed23b846cc39e2207d2a8166208bd81c020b9fdd
57faa50a9d2050a565de88e4e50c44ec20853891675b7fa95cb35966b1abdd83
5ae5f6caecc0a0376f2100de3653e6662c94fa45ec358bc7a783a6f7265a7718
5de521cd8b0726276af83c5f77b0756d438f6381bca040d1f22e13ff5e66ced4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6497b021f4896711cddee0c9da0b50b74f105a4b096e47138a9944c3a17bb239
66d52e8c2f80d6e255f24cb64f2da658ab655410a68deae8a99f55dad0dde65e
674d9ed8737017e04976e6974be3df386f124cffa12aa79f51feffb7a6603941
6c6cdbc6e4a9fb3801c27f2aeb55063e1e0bdce6548c429798a61f436d38111d
71dfef3c3cfadcdc0dc8c627cd5e2e81097d4d5e51a028792118168eb534114c
72e1cac04cbac920478213c6ae3fea5b66ac1749b8c5d5dd4bd9140af3902a18
742caf82ffad4b5326cf89a43296b225aff41450cb0680704d31331df31eb461
75405d1d6b8fbd00d22e057222f67e928b572563cbf46a0015dbdc333a353ffa
75f3bd16ca645709f15708862b8523f5a5072725d1c945db54f58c343c7d21cc
76ec0937b9496cab2c3fbbcc6506874227ec8057bde64c7b032bc72909fcd4c6
7f5c25fdd5e9fa3d220a201272b768adf6558c8b44d825e4fbb933bcb2f3141d
81cf9780320aef1748beec861fbe070b9d0ca748a31ce3fef35bb62439e6d5df
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855eab231378126a49d885b9f62272f67e90cf530d723e142a83308b31188bd1
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
88330ef49d352da28851222344e04d6c4b0100f94c125dad94175dec1f573464
8881439a4b39b417d8caaa62b3d9b1740f7692d55bee28a2659b4d87886f8148
88afc94a9c7d6676a63e97c28eb7e5f8ef7ac8764eab89892afa5b5fd6a5f5a0
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8db52968dc366755178474c462ea1a13ac6e50e8f215e63e50e929ef8dd276af
90cd3e96b77162a049e3cfb7d257b9b310da9735742e80decc27e8c33596dfd1
910f5bf4574b628987e9e94bcb8c1aa122d56e604b39d0c76e33e2a66c679a9c
923d63974a42dc1b7acc02b1b5ff206a319f90c39aa0b9763f7febf933a265fd
960b278bee0e306b1a0831990b00daed1b92e00f5a025739f1c1001a241f71e9
97a4520a434183203044ee4ecd7f193ad1ff7359492be3019fad4a39ba4853ba
97e1b4a99ff5212dd14e80f416e5c6e17835ce784c151ed4fc4f09df76fbf99c
9d0e296e7508cfa488c724cf96377c5e22a3c7a8bd768e431f71adc1f3d3c956
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f0305c9d9cd478c413c5eb0b00262de6731647b7431832db221649c19c1bad
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a874445d4cfecf7a09f5b3682ca5f18fa280d2c2fd534c56f5a51c1e6bea16fe
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20280646e34df94ba8ebf1a020b391c3d4b2e93ef0cae8743ea6b485616a809
b48564375967ffe7a80aeff3affbf3b9e8c9abff8209b76fcbed209a1056792c
b4e353f35acf66958a4a0d0573d2d782cdc69305462073a6aedfe5cb0465b54f
b4f81a2a21c3c09168d9187c70cf98374354aa7b7a0e46b6e8cfd12013437a03
bb104b6c5b45ef1e018a7458aa58ae356743fd643e1be556103f6c277e996f8a
bb6f08d1521811dc1fc61e7f2d29335fc1a085a8ffee41cf1e044fcf65ed55d7
bbf4ff84044809ff484eba6c5b8479915395836c4d7b437aab14053c3df3e878
c3a7686b00f5b851e33ebfc9e93aed6124ac5babcb15d6ec5716a1a0b95c78f2
c539c169de210069c8d459338f84b361093804eb7afe3e1e0af79174f274bcf8
c644a2b8c044e3c7c8917bdd7104dc22c7b95f09b17cda70df7378caf9256ff8
c6be386973574af69022abceb32bc081065930b3b0c5afc0a7dcc7aca5e49437
cb866c163c9159851108980d9a6ae804f7c992557bee3ccb9ce864c27e8d67c0
cba6f892c14a2cad2b724eee62914817f04f675e93f0f827552719891f57af8f
cc0c28a3ee0e841fd740943e6be241e495cfda59e2cf5d64452d3882824a25b9
cec75285d32eb4339a09f7292dfc2c9efd2c2bbcdd36d49ec003aad0df9330c8
cff901380ad42506453c3ba92c881b6286a01fc79ad41447a3925ac00ae92399
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d84901f51502e248b292283bfcd59a3e87be3d9249a645f4280d6d4210d613d8
da3a0ac775c42809d0bf8f3bed1b220316b06eff37728ae3ba40521636f95cbf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e125309c94a523f3110a75d1bf91141d2ef5dc17ed8b9ff164f5523dc88a4218
e2a9678d4c0a38d19194e88b159c8aff1cfe501496ff849bfcea5fdabdcf6a81
e38188d7aeeab09989954d42e1eac3f97f6320a4e6d51cc2dde4ac391289bf08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
e96119064d95089ea3b05b0286ea95fadb53531b009d6ce88105511b2cec992c
eac6458aa7f4f0234f508a211d1602800b08dd8ecd5dd29b46136e6f9438b4fc
ec28301dca006dcc8ef084cb5a000d239fc6b12577eb8a9ebe408148cf2c9715
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
f4e72af079533476d9df4b500773b365829426f61c161d89d14a69e834c15504
f5001a743664f61b0846417f975f17e19a39d3a6b11a9736d3c3fb81c456c8c1
f72bff664dc1cdfef34cdbd57bfb6cfb07f66d283c1cd4b6a7324b00cd28843c
fc4df1824814569f14631765398e34bed9a3df6afeec737886864b85e05c8e46
ff158d5ff979198ae046174d6dd30818257ad9a7612a3c12410fb177507df9d5

habr.com Open in urlscan Pro 178.248.237.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

206 Requests

89 %HTTPS

67 %IPv6

23 Domains

37 Subdomains

33 IPs

6 Countries

2900 kBTransfer

8205 kBSize

28 Cookies

49 Outgoing links

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

habr.com Open in urlscan Pro
178.248.237.68 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

89 %
HTTPS

67 %
IPv6

23
Domains

37
Subdomains

33
IPs

6
Countries

2900 kB
Transfer

8205 kB
Size

28
Cookies

206 HTTP transactions
4 data transactions