URL: https://habr.com/ru/company/dsec/blog/454592/
Submission: On June 05 via manual from US

Summary

This website contacted 13 IPs in 6 countries across 14 domains to perform 56 HTTP transactions.
The main IP is 178.248.237.68, located in Russian Federation and belongs to QRATOR, RU. The main domain is habr.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 14th 2018. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 178.248.237.68 197068 (QRATOR)
10 82.192.95.175 60781 (LEASEWEB-...)
9 9 95.213.152.170 50340 (SELECTEL-MSK)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
6 217.69.139.231 47764 (MAILRU-AS...)
3 2a03:2880:f11... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
1 5 2a02:6b8::1:119 13238 (YANDEX)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 178.248.232.25 197068 (QRATOR)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
56 13
Domain
Subdomains
Transfer
10 habracdn.net
280 KB
9 hsto.org
1 MB
9 habrastorage.org
2 KB
9 habr.com
217 KB
6 mail.ru
11 KB
5 google-analytics.com
38 KB
5 yandex.ru
42 KB
5 cloudflare.com
153 KB
3 facebook.net
78 KB
3 facebook.com
316 B
2 google.de
218 B
2 google.com
357 B
2 doubleclick.net
317 B
2 twitter.com
28 KB
56 14
Domain Requested by
10 dr.habracdn.net habr.com
9 hsto.org habr.com
9 habrastorage.org 9 redirects
8 habr.com 1 redirects habr.com
6 mediator.mail.ru habr.com
5 www.google-analytics.com 1 redirects habr.com
www.google-analytics.com
5 mc.yandex.ru 1 redirects habr.com
5 cdnjs.cloudflare.com habr.com
cdnjs.cloudflare.com
3 connect.facebook.net habr.com
connect.facebook.net
3 www.facebook.com dr.habracdn.net
habr.com
connect.facebook.net
2 www.google.de habr.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 platform.twitter.com habr.com
platform.twitter.com
1 account.habr.com dr.habracdn.net
56 15
Subject / Issuer Validity Valid
habr.com
COMODO RSA Domain Validation Secure Server CA
2018-03-14 -
2020-03-13
2 years
dr.habracdn.net
COMODO RSA Domain Validation Secure Server CA
2017-12-15 -
2020-12-14
3 years
hsto.org
CloudFlare Inc ECC CA-2
2019-02-11 -
2020-02-11
a year
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-02 -
2019-09-08
6 months
*.mail.ru
GeoTrust RSA CA 2018
2017-12-19 -
2020-03-26
2 years
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-04-22 -
2019-07-21
3 months
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2018-11-19 -
2019-11-27
a year
bs.yandex.ru
Yandex CA
2018-10-03 -
2019-10-03
a year
account.habr.com
COMODO RSA Domain Validation Secure Server CA
2018-12-11 -
2020-12-10
2 years
*.google-analytics.com
Google Internet Authority G3
2019-05-14 -
2019-08-06
3 months
www.google.de
Google Internet Authority G3
2019-05-14 -
2019-08-06
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • env /^MathJax$/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Web
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/ru/company/dsec/blog/454592
247 KB
51 KB
Document
General
Full URL
https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR / PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash
e213b3a3435ce8c6188d7db8f00aaf2d1ec5458f95b877ad0a88a44af8b7bf60
Security Headers
Name Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Host
habr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
QRATOR
Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options
SAMEORIGIN
P3P
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Public-Key-Pins
pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
X-Proxy-Cache-Status
MISS
X-Proxy-Upstream
habrcom-web
main.bundle.css
dr.habracdn.net/habrcom/styles/1559738781
280 KB
45 KB
Stylesheet
General
Full URL
https://dr.habracdn.net/habrcom/styles/1559738781/main.bundle.css
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
e29252e62da9506dac3650459784646eb7f4f6e2928cf157ef14cd21f1e34cb4

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:48:03 GMT
Server
nginx
ETag
W/"5cf7ba03-46071"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
Verified jquery-1.8.3.min.js
dr.habracdn.net/habrcom/javascripts/1559738781/libs
91 KB
33 KB
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/jquery-1.8.3.min.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Verified resource
jquery-ui-bootstrap/0.5pre/assets/js/jquery-1.8.3.min.js at cdnjs.com, project jquery-ui-bootstrap
jquery/1.8.3/jquery.min.js at cdnjs.com, project jquery

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:47:41 GMT
Server
nginx
ETag
W/"5cf7b9ed-16dc4"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
raven.min.js
dr.habracdn.net/habrcom/javascripts/1559738781/libs
37 KB
14 KB
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/raven.min.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
2afde481f885e44a63082aea8936e0704c1be721fb3f752ba79465cd6ddfbd15

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:47:41 GMT
Server
nginx
ETag
W/"5cf7b9ed-92e5"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
advertise.js
dr.habracdn.net/habrcom/javascripts/1559738781/_parts
37 B
488 B
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/_parts/advertise.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
359fd42a97c9d64be6952af8bae0ebbc592377949e8213a6d8be172e6846f9d9

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:47:43 GMT
Server
nginx
ETag
W/"5cf7b9ef-25"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
Adblocked adriver.js
dr.habracdn.net/habrcom/javascripts/1559738781/_parts
111 B
566 B
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/_parts/adriver.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
aba04e615c95305b30642e439119960999058829ddcfc0f383cdabccfedda4d4
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:47:43 GMT
Server
nginx
ETag
W/"5cf7b9ef-6f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
d003ada9b9491503aa850f6cbcc56abb.png
hsto.org/getpro/habr/company/d00/3ad/a9b
Redirect Chain
  • https://habrastorage.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
  • https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
1 KB
2 KB
Image
General
Full URL
https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
911ec9331623f78e1fa54c99acb46484137171087180b6b0db2c3a2f831d52a2

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status
HIT
cf-polished
pngoptimizer, origSize=2318
status
200
cf-bgj
imgq:100
content-length
1518
last-modified
Mon, 19 Dec 2016 05:25:14 GMT
server
cloudflare
etag
"58576f3a-90e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d225a7ed6bd-FRA
expires
Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location
https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
29cd5f2e42a3169d712fad2f7733a366.jpg
hsto.org/getpro/habr/avatars/29c/d5f/2e4
Redirect Chain
  • https://habrastorage.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
  • https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
5 KB
5 KB
Image
General
Full URL
https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3341037c73f7698ebb36caf03e3d2ff8209207da5190373b5303931c35cb46

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status
HIT
cf-polished
origSize=5446
status
200
cf-bgj
imgq:100
content-length
4912
last-modified
Mon, 09 Oct 2017 22:21:20 GMT
server
cloudflare
etag
"59dbf660-1546"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d225a7fd6bd-FRA
expires
Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location
https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
nxmmyzb6nr39jk_zmiu5wcnylbm.png
hsto.org/webt/nx/mm/yz
Redirect Chain
  • https://habrastorage.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
  • https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
261 KB
262 KB
Image
General
Full URL
https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb4feca4dd115a73d93c997022f50cc8ed84a0d716c0dd43ebd03a8901fec434

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status
HIT
cf-polished
origSize=280967
status
200
cf-bgj
imgq:100
content-length
267542
last-modified
Mon, 03 Jun 2019 10:40:04 GMT
server
cloudflare
etag
"5cf4f904-44987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d22bbaad6bd-FRA
expires
Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location
https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
59e395af93092095133873.png
hsto.org/webt/59/e3/95
Redirect Chain
  • https://habrastorage.org/webt/59/e3/95/59e395af93092095133873.png
  • https://hsto.org/webt/59/e3/95/59e395af93092095133873.png
108 KB
108 KB
Image
General
Full URL
https://hsto.org/webt/59/e3/95/59e395af93092095133873.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a8458ba95f77d433111269da2dcb82e0a17240c10dffa9ba0d38eb4323a1fc

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
110113
last-modified
Sun, 15 Oct 2017 17:06:55 GMT
server
cloudflare
etag
"59e395af-1ae21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d22bbadd6bd-FRA
expires
Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location
https://hsto.org/webt/59/e3/95/59e395af93092095133873.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
59e395af93c4f468367566.png
hsto.org/webt/59/e3/95
Redirect Chain
  • https://habrastorage.org/webt/59/e3/95/59e395af93c4f468367566.png
  • https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png
92 KB
92 KB
Image
General
Full URL
https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9a3e0d82f7d7dcd488d2cb2d56ff67e1b9782e4db18f61fc0d2b7246df76de

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
93905
last-modified
Sun, 15 Oct 2017 17:06:55 GMT
server
cloudflare
etag
"59e395af-16ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d234da3d6bd-FRA
expires
Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location
https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
59e395afb9650235665851.png
hsto.org/webt/59/e3/95
Redirect Chain
  • https://habrastorage.org/webt/59/e3/95/59e395afb9650235665851.png
  • https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png
141 KB
141 KB
Image
General
Full URL
https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfef520da48dd3215d766ea947ccd83b8d26588829206c62e058f643c3d4c1b8

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
cf-bgj
imgq:100
content-length
144280
last-modified
Sun, 15 Oct 2017 17:06:55 GMT
server
cloudflare
etag
"59e395af-23398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d234da5d6bd-FRA
expires
Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location
https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
59e3770e949f3269504620.png
hsto.org/webt/59/e3/77
Redirect Chain
  • https://habrastorage.org/webt/59/e3/77/59e3770e949f3269504620.png
  • https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png
50 KB
50 KB
Image
General
Full URL
https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b28e92012b6ae42166a2bcb3ad556a195db7803a963e26eb2980b2fd7954f2e4

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status
HIT
cf-polished
pngoptimizer, origSize=66027
status
200
cf-bgj
imgq:100
content-length
51359
last-modified
Sun, 15 Oct 2017 14:56:14 GMT
server
cloudflare
etag
"59e3770e-101eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d235db2d6bd-FRA
expires
Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location
https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
59e4fc4eee061363676501.png
hsto.org/webt/59/e4/fc
Redirect Chain
  • https://habrastorage.org/webt/59/e4/fc/59e4fc4eee061363676501.png
  • https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png
54 KB
54 KB
Image
General
Full URL
https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6537196c55e39e35f59eca829e70f280423f2e69e500203cafc5017b7ba179ae

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status
HIT
cf-polished
pngoptimizer, origSize=56741
status
200
cf-bgj
imgq:100
content-length
55615
last-modified
Mon, 16 Oct 2017 18:37:03 GMT
server
cloudflare
etag
"59e4fc4f-dda5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d251b10d6bd-FRA
expires
Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location
https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
59e55464f2331285132470.png
hsto.org/webt/59/e5/54
Redirect Chain
  • https://habrastorage.org/webt/59/e5/54/59e55464f2331285132470.png
  • https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png
467 KB
468 KB
Image
General
Full URL
https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ccaf41bcfc89670793da81a140a57fbc8b3b1bdb47c876dd04666449ca679c4

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status
HIT
cf-polished
origSize=545595
status
200
cf-bgj
imgq:100
content-length
478533
last-modified
Tue, 17 Oct 2017 00:52:53 GMT
server
cloudflare
etag
"59e55465-8533b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4e253d24a9e2d6bd-FRA
expires
Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location
https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png
Date
Wed, 05 Jun 2019 21:28:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Content-Type
text/html
vendors.bundle.js
dr.habracdn.net/habrcom/javascripts/1559738781
286 KB
92 KB
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/vendors.bundle.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
05d717091368bbc4f0a27dec92a58f99eb5c226a4e7529b9bcb29ef33231bebf

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:48:03 GMT
Server
nginx
ETag
W/"5cf7ba03-47816"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
main.bundle.js
dr.habracdn.net/habrcom/javascripts/1559738781
139 KB
38 KB
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/main.bundle.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
10ba48fa782bc4809eea111944c8655597e84c74bb370e8d589b005be5c5726f

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:48:03 GMT
Server
nginx
ETag
W/"5cf7ba03-22a5d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
MathJax.js?config=TeX-AMS_SVG-full&locale=ru
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1
62 KB
18 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48344fd55558bbeb600062a175d052979f9ece87c7299788f8ecf16a46c87bf6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:52 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:23:44 GMT
server
cloudflare
etag
W/"5afd4a20-f648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 May 2020 21:28:52 GMT
cache-control
public, max-age=30672000
cf-ray
4e253d212a7364b5-FRA
served-in-seconds
0.003
highlight.pack.js
dr.habracdn.net/habrcom/javascripts/1559738781/libs
8 KB
4 KB
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/highlight.pack.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
a790d9c7cfbcbb281ac9c30c714a28f3071d3d5f26b8a302fb821472e63a67d0

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:47:41 GMT
Server
nginx
ETag
W/"5cf7b9ed-1ffd"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:06 GMT
highlight.langs.js
dr.habracdn.net/habrcom/javascripts/1559738781/libs
155 KB
52 KB
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/highlight.langs.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
fc0a6e11e21ffc94010e635abbf0e7f4fd601d9b397133d2fdfb2940a441cb84

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:47:41 GMT
Server
nginx
ETag
W/"5cf7b9ed-26cea"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:06 GMT
check-login.js
dr.habracdn.net/habrcom/javascripts/1559738781
607 B
769 B
Script
General
Full URL
https://dr.habracdn.net/habrcom/javascripts/1559738781/check-login.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
assets.habranet.net
Software
nginx /
Resource Hash
d99eca568bf6aa97d6a32c7f6b21375b78ae636c507890659d4bd1ef8d1ff7e1

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 12:47:41 GMT
Server
nginx
ETag
W/"5cf7b9ed-25f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Jul 2019 12:48:05 GMT
/
/ru/viewcount/post/454592
0
877 B
Script
General
Full URL
https://habr.com/ru/viewcount/post/454592/
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR / PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Keep-Alive
timeout=15
Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript;charset=UTF-8
Server
QRATOR
X-Powered-By
PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Transfer-Encoding
chunked
Connection
keep-alive
X-Proxy-Upstream
habrcom-web
Vary
Accept-Encoding
Public-Key-Pins
pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
firaSans-medium.woff2
/fonts/0/FiraSans
157 KB
158 KB
Font
General
Full URL
https://habr.com/fonts/0/FiraSans/firaSans-medium.woff2
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a10a4d0cd9bbbd50cdb98fefb19a5fff77a79c8e3290c120edf638d27e40c29b
Security Headers
Name Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://habr.com/ru/company/dsec/blog/454592/
Origin
https://habr.com

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
X-Proxy-Upstream
habrcom-web
Last-Modified
Thu, 25 Oct 2018 10:44:12 GMT
Server
QRATOR
X-Proxy-Cache-Status
HIT
ETag
"5bd19e7c-2737c"
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
font/woff2
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
160636
Public-Key-Pins
pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Expires
Thu, 04 Jul 2019 01:22:45 GMT
Adblocked px.gif?ch=1&rn=9.638015271306644
/images
43 B
629 B
Image
General
Full URL
https://habr.com/images/px.gif?ch=1&rn=9.638015271306644
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
X-Proxy-Upstream
habrcom-web
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
QRATOR
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
image/gif
Connection
keep-alive
Keep-Alive
timeout=15
Content-Length
43
Public-Key-Pins
pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Adblocked px.gif?ch=2&rn=9.638015271306644
/images
43 B
629 B
Image
General
Full URL
https://habr.com/images/px.gif?ch=2&rn=9.638015271306644
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
X-Proxy-Upstream
habrcom-web
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
QRATOR
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
image/gif
Connection
keep-alive
Keep-Alive
timeout=15
Content-Length
43
Public-Key-Pins
pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
common-svg-sprite.svg
/images/1559738781
6 KB
3 KB
Other
General
Full URL
https://habr.com/images/1559738781/common-svg-sprite.svg
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
9d8dd904f2a4384102930a15130f6bf0fcf3f132cafecd4d25c626bc58dce55c
Security Headers
Name Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
X-Proxy-Cache-Status
HIT
Transfer-Encoding
chunked
Connection
keep-alive
Public-Key-Pins
pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
X-Proxy-Upstream
habrcom-web
Last-Modified
Tue, 15 Jan 2019 09:33:24 GMT
Server
QRATOR
ETag
W/"5c3da8e4-19b6"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Keep-Alive
timeout=15
Expires
Fri, 05 Jul 2019 12:48:49 GMT
Adblocked /
mediator.mail.ru/script/2820404
25 KB
10 KB
Script
General
Full URL
https://mediator.mail.ru/script/2820404/
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
collector.mediator.media
Software
nginx/1.12.2 /
Resource Hash
c8f2fbc4d9989e0497b4c28dfce86c0434adb6d222cc052d86abfe33fc603021
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 21:28:52 GMT
cache-control
private, no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx/1.12.2
content-encoding
gzip
content-type
application/javascript
data:truncated
data:truncated
1018 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f0f32f49883bf0cf384f663d64b06f4bdb5fa9806eed81f825f20d289b0c71a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
Adblocked page.php?href=https%3A%2F%2Fwww.facebook.com%2FDSecRU%2F&width=260&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
www.facebook.com/plugins
0
0
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDSecRU%2F&width=260&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: dr.habracdn.net
URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/jquery-1.8.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Blocked
Source: easylist, Type: annoyance (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDSecRU%2F&width=260&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://habr.com/ru/company/dsec/blog/454592/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://habr.com/ru/company/dsec/blog/454592/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
/wdxW470tcPQmLEA3kodVUcWRafujKnnWaAffZBw7aIby4PB3tGViTg/sjGVRc3+alMVwbIPx7vc/dRjyeEuYw==
date
Wed, 05 Jun 2019 21:28:52 GMT
widgets.js
platform.twitter.com
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B6) /
Resource Hash
0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2019 16:50:27 GMT
Server
ECS (fcn/40B6)
Etag
"c0ccc06d58626dbfe4c4102bca9dfe9c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28050
ru.js?V=2.7.1
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru/ru.js?V=2.7.1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca52c4e13a919e9498f8e7fc39fda45b124c0481d60f94865c89bd1ef98a329
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:23:55 GMT
server
cloudflare
etag
W/"5afd4a2b-ca1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 May 2020 21:28:53 GMT
cache-control
public, max-age=30672000
cf-ray
4e253d235c3264b5-FRA
served-in-seconds
0.000
TeX-AMS_SVG-full.js?V=2.7.1
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/config
273 KB
75 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/config/TeX-AMS_SVG-full.js?V=2.7.1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
625806b9470bbf0838832c12de4250b0107195316009ab6d6bef31e0f08cea30
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:23:44 GMT
server
cloudflare
etag
W/"5afd4a20-4432f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 May 2020 21:28:53 GMT
cache-control
public, max-age=30672000
cf-ray
4e253d236c3364b5-FRA
served-in-seconds
0.004
Adblocked ?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=v&wc=4634
mediator.mail.ru/script/2820404/register
4 B
147 B
Image
General
Full URL
https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=v&wc=4634
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
collector.mediator.media
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 21:28:53 GMT
cache-control
private, no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx/1.12.2
content-type
application/octet-stream
Adblocked watch.js
mc.yandex.ru/metrika
132 KB
39 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
4cb9f1d889f92113dbb3129f45523b0db93a4efd42090ff8eb122bc70b600732
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding
br
Last-Modified
Tue, 04 Jun 2019 07:46:17 GMT
Server
nginx/1.12.2
ETag
"5cf621c9-9b15"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
39701
Expires
Wed, 05 Jun 2019 22:28:53 GMT
Adblocked fbevents.js
connect.facebook.net/en_US
54 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16245
x-xss-protection
0
pragma
public
x-fb-debug
8uSWtykTV3ktz3VDrbkHIxKTim1pZ6kAdos9fnvnUvcF72T7fPzjoh6sHPTSTqk30753IKY2g5N6jeqgQPdl5w==
date
Wed, 05 Jun 2019 21:28:53 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
/ru/toplink
Redirect Chain
  • https://habr.com/toplink/
  • https://habr.com/ru/toplink/
567 B
790 B
XHR
General
Full URL
https://habr.com/ru/toplink/
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR / PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash
86e18d9467341bc557003599168a94e31ad7456a33be1ef40d96f16c66dccb28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
QRATOR
X-Powered-By
PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options
SAMEORIGIN
P3P
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Keep-Alive
timeout=15

Redirect headers

Date
Wed, 05 Jun 2019 21:28:53 GMT
X-Content-Type-Options
nosniff
Server
QRATOR
Location
https://habr.com/ru/toplink/
X-Powered-By
PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options
SAMEORIGIN
P3P
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=15
?_=1559770133120
account.habr.com/checklogin
38 B
1 KB
Script
General
Full URL
https://account.habr.com/checklogin/?_=1559770133120
Requested by
Host: dr.habracdn.net
URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.232.25 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR / PHP/7.2.16-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash
fb83a22b9431ed44fc4216980e25159afa5cd22e762de3d4c0e4390033bcaeed
Security Headers
Name Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.16-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding
chunked
P3P
CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA", CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Connection
keep-alive
Vary
Accept-Encoding
Public-Key-Pins
pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Server
QRATOR
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15
Expires
Sat, 26 Jul 1997 05:00:00 GMT
widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=https%3A%2F%2Fhabr.com
platform.twitter.com/widgets
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=https%3A%2F%2Fhabr.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://habr.com/ru/company/dsec/blog/454592/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://habr.com/ru/company/dsec/blog/454592/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Jun 2019 21:28:53 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Wed, 05 Jun 2019 16:49:09 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40E4)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
2506
date
Wed, 05 Jun 2019 20:47:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 05 Jun 2019 22:47:07 GMT
Adblocked 317458588730613?v=2.8.51&r=stable
connect.facebook.net/signals/config
228 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/317458588730613?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
bd889b42115a920bc2e8e1eb2f18fbd946847462c0beb173cb726f4136062983
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
61415
x-xss-protection
0
pragma
public
x-fb-debug
pdI8TX1dO9Ba7IuZQE8Aw9Q+InXqaAOMV46P0slOckoc74qLoBpPLcULGovwbAhhs8iPOJ0VMOrkw5suMR2XyA==
date
Wed, 05 Jun 2019 21:28:53 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked js?id=GTM-559GVC8&cid=751929478.1559770133
www.google-analytics.com/gtm
53 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-559GVC8&cid=751929478.1559770133
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
25a3390c286888dfb519af7dbf8f7ce40aae8760ec007c6ceda0724e88101088
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20332
x-xss-protection
0
expires
Wed, 05 Jun 2019 21:28:53 GMT
Adblocked collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%B...
www.google-analytics.com/r
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDACEABR~&jid=2107803205&gjid=1017172994&cid=751929478.1559770133&tid=UA-116538445-2&_gid=364082450.1559770133&_r=1&z=560446820
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...
mc.yandex.ru/watch/24049213
Redirect Chain
  • https://mc.yandex.ru/watch/24049213?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%...
  • https://mc.yandex.ru/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3As...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 21:28:53 GMT
Last-Modified
Wed, 05-Jun-2019 21:28:53 GMT
Server
nginx/1.12.2
Location
/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://habr.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 05-Jun-2019 21:28:53 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 21:28:53 GMT
Last-Modified
Wed, 05-Jun-2019 21:28:53 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
https://habr.com
Strict-Transport-Security
max-age=31536000
Location
/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 05-Jun-2019 21:28:53 GMT
fontdata.js?V=2.7.1
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/jax/output/SVG/fonts/TeX
140 KB
55 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/jax/output/SVG/fonts/TeX/fontdata.js?V=2.7.1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b244afac2c4149ebf2ea7dad8a908f8a126c6485f42c23b9bb521f9f7011d1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:22:41 GMT
server
cloudflare
etag
W/"5afd49e1-230d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 May 2020 21:28:53 GMT
cache-control
public, max-age=30672000
cf-ray
4e253d252ddb64b5-FRA
served-in-seconds
0.035
Verified Adblocked advert.gif
mc.yandex.ru/metrika
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Wed, 05 Jun 2019 22:28:53 GMT
Adblocked 1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...
mc.yandex.ru/watch/24049213
133 B
677 B
XHR
General
Full URL
https://mc.yandex.ru/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
120276d47f374c766b480c2c571d358921396aed6af5bb80fc996021dc095f6e
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
Origin
https://habr.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 05 Jun 2019 21:28:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05-Jun-2019 21:28:53 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://habr.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Wed, 05-Jun-2019 21:28:53 GMT
Adblocked collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%B...
www.google-analytics.com
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAiEADR~&jid=2029470880&gjid=1987003073&cid=751929478.1559770133&tid=UA-726094-1&_gid=364082450.1559770133&cd1=guest&cd2=publish_corp&cd3=na&cd4=no&cd6=ru&z=1273245065
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 May 2019 08:50:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
477499
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502
www.google.de/ads
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&gjid=1987003073&_gid=364082450.1559770133&_u=aGDAiEADR~&z=850260856
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_gid=364082450.1559770133&gjid=372360934&_v=j76&z=770722134
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked inferredEvents.js?v=2.8.51
connect.facebook.net/signals/plugins
1 KB
898 B
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
xEd++OLMe9X6b4p9UITrESsxAaP3cyVx11IGoseZ5ZKIykr7+2CeALmP6LyS6n/VlIzky50FboZ+xzJjUw8oIw==
date
Wed, 05 Jun 2019 21:28:53 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked ?id=317458588730613&ev=PageView&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&rl=&if=false&ts=1559770133456&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1559770133435.1...
www.facebook.com/tr
44 B
316 B
Image
General
Full URL
https://www.facebook.com/tr/?id=317458588730613&ev=PageView&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&rl=&if=false&ts=1559770133456&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1559770133435.1308381878&it=1559770133178&coo=false&rqm=GET
Requested by
Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 05 Jun 2019 21:28:53 GMT
Adblocked ?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=s0
mediator.mail.ru/script/2820404/register
4 B
147 B
Image
General
Full URL
https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=s0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
collector.mediator.media
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 21:28:53 GMT
cache-control
private, no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx/1.12.2
content-type
application/octet-stream
Adblocked /
www.facebook.com/tr
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3644
pragma
no-cache
cache-control
no-cache
origin
https://habr.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://habr.com/ru/company/dsec/blog/454592/
accept-encoding
gzip, deflate, br
cookie
fr=0hjLsZdwYyw2AAhOF..Bc-DQV...1.0.Bc-DQV.
Origin
https://habr.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://habr.com/ru/company/dsec/blog/454592/

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://habr.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen
date
Wed, 05 Jun 2019 21:28:53 GMT
MathMenu.js?V=2.7.1
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru
15 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru/MathMenu.js?V=2.7.1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7469c345ae24362b321999c9c53b45a7206fec9e976c5dc817f94e2e3ace6209
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 05 Jun 2019 21:28:54 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:22:41 GMT
server
cloudflare
etag
W/"5afd49e1-3a1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 May 2020 21:28:54 GMT
cache-control
public, max-age=30672000
cf-ray
4e253d2d3c6b64b5-FRA
served-in-seconds
0.025
Adblocked ?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=ts0
mediator.mail.ru/script/2820404/register
4 B
147 B
Image
General
Full URL
https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=ts0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
collector.mediator.media
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 21:28:58 GMT
cache-control
private, no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx/1.12.2
content-type
application/octet-stream
Adblocked ?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=t0
mediator.mail.ru/script/2820404/register
4 B
147 B
Image
General
Full URL
https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=t0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
collector.mediator.media
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 21:28:58 GMT
cache-control
private, no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx/1.12.2
content-type
application/octet-stream
Adblocked ?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=t0
mediator.mail.ru/script/2820404/register
4 B
147 B
Image
General
Full URL
https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=t0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
collector.mediator.media
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://habr.com/ru/company/dsec/blog/454592/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 05 Jun 2019 21:29:03 GMT
cache-control
private, no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx/1.12.2
content-type
application/octet-stream

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 6
  • https://habrastorage.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
  • https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
Request 7
  • https://habrastorage.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
  • https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
Request 8
  • https://habrastorage.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
  • https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
Request 9
  • https://habrastorage.org/webt/59/e3/95/59e395af93092095133873.png
  • https://hsto.org/webt/59/e3/95/59e395af93092095133873.png
Request 10
  • https://habrastorage.org/webt/59/e3/95/59e395af93c4f468367566.png
  • https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png
Request 11
  • https://habrastorage.org/webt/59/e3/95/59e395afb9650235665851.png
  • https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png
Request 12
  • https://habrastorage.org/webt/59/e3/77/59e3770e949f3269504620.png
  • https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png
Request 13
  • https://habrastorage.org/webt/59/e4/fc/59e4fc4eee061363676501.png
  • https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png
Request 14
  • https://habrastorage.org/webt/59/e5/54/59e55464f2331285132470.png
  • https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png
Request 35
  • https://habr.com/toplink/
  • https://habr.com/ru/toplink/
Request 42
  • https://mc.yandex.ru/watch/24049213?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%...
  • https://mc.yandex.ru/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3As...
Request 47
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&gjid=1987003073&_gid=364082450.1559770133&_u=aGDAiEADR~&z=850260856
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502
Request 48
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_gid=364082450.1559770133&gjid=372360934&_v=j76&z=770722134
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| FontFaceObserver function| $ function| jQuery function| create_callback_for_blocked object| habr_blockers_checker function| display_dfp_slot object| Raven object| adblockInit string| adb1 function| callGA string| userLabel string| g_base_url string| g_base_fullurl string| g_tmid_fullurl boolean| g_is_guest boolean| g_show_xpanel string| g_is_enableShortcuts string| g_current_hl string| g_current_fl object| hljs function| hcSticky object| __twttrll object| twttr object| __twttr object| jQuery18305148476862722955 function| ajaxFormBeforSubmit function| ajaxFormError function| ajaxFormRedirect function| ajaxFormSuccess function| createCookie function| empty function| _getDate function| _getTime function| H object| K function| mention_autocomplete function| replaceURLWithHTMLLinks function| show_form_errors function| show_system_error function| timer_countdown function| userKarmaVote function| i18nMsg object| RecaptchaOptions function| show_uploader function| openSearch function| Follow function| Suggest function| change_post_subscibptions_checkboxes function| closeForm function| posts_add_to_favorite function| posts_poll function| posts_vote function| showAbuseForm function| show_edit_tags function| show_recommend_form function| comment_delete function| comment_preview function| comments_add_to_favorite function| comment_send function| comment_show_edit_form function| comment_show_form function| comment_show_reply_form function| comment_update function| comment_vote function| instagrammProcess function| showCommentParents object| habraWYG object| habraWYG2 object| MathJax object| _mediator function| fbq function| _fbq string| key number| ajax_errors_count number| lastScrollPosition function| tmidLogin string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer undefined| module object| Ya object| yaCounter24049213 object| google_tag_manager object| google_optimize object| EVENT object| TOUCH object| HOVER

13 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0hjLsZdwYyw2AAhOF..Bc-DQV...1.0.Bc-DQV.
.habr.com/ Name: _fbp
Value: fb.1.1559770133435.1308381878
.habr.com/ Name: _gat
Value: 1
.habr.com/ Name: _ym_isad
Value: 2
.habr.com/ Name: _gat_HGM
Value: 1
.habr.com/ Name: _ym_d
Value: 1559770133
.habr.com/ Name: _gat_company
Value: 1
.habr.com/ Name: _ym_visorc_24049213
Value: b
.habr.com/ Name: _ym_uid
Value: 1559770133314513610
.habr.com/ Name: _gid
Value: GA1.2.364082450.1559770133
.habr.com/ Name: _ga
Value: GA1.2.751929478.1559770133
habr.com/ Name: tmid_no_check
Value: 1
habr.com/ Name: ab_test_vacancies_block_group
Value: B

1 Console Messages

Source Level URL
Text
console-api log URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/raven.min.js, Line 2, Column1268
Message:
FS500-loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Public-Key-Pins pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

account.habr.com
cdnjs.cloudflare.com
connect.facebook.net
dr.habracdn.net
habr.com
habrastorage.org
hsto.org
mc.yandex.ru
mediator.mail.ru
platform.twitter.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de


178.248.232.25
178.248.237.68
217.69.139.231
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:b71c
2606:4700::6813:c597
2a00:1450:4001:808::2004
2a00:1450:4001:819::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c06::9c
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
82.192.95.175
95.213.152.170

05d717091368bbc4f0a27dec92a58f99eb5c226a4e7529b9bcb29ef33231bebf
0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6
10ba48fa782bc4809eea111944c8655597e84c74bb370e8d589b005be5c5726f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120276d47f374c766b480c2c571d358921396aed6af5bb80fc996021dc095f6e
25a3390c286888dfb519af7dbf8f7ce40aae8760ec007c6ceda0724e88101088
2afde481f885e44a63082aea8936e0704c1be721fb3f752ba79465cd6ddfbd15
359fd42a97c9d64be6952af8bae0ebbc592377949e8213a6d8be172e6846f9d9
3a3341037c73f7698ebb36caf03e3d2ff8209207da5190373b5303931c35cb46
48344fd55558bbeb600062a175d052979f9ece87c7299788f8ecf16a46c87bf6
4cb9f1d889f92113dbb3129f45523b0db93a4efd42090ff8eb122bc70b600732
4ccaf41bcfc89670793da81a140a57fbc8b3b1bdb47c876dd04666449ca679c4
4f0f32f49883bf0cf384f663d64b06f4bdb5fa9806eed81f825f20d289b0c71a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
625806b9470bbf0838832c12de4250b0107195316009ab6d6bef31e0f08cea30
6537196c55e39e35f59eca829e70f280423f2e69e500203cafc5017b7ba179ae
69b244afac2c4149ebf2ea7dad8a908f8a126c6485f42c23b9bb521f9f7011d1
7469c345ae24362b321999c9c53b45a7206fec9e976c5dc817f94e2e3ace6209
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86e18d9467341bc557003599168a94e31ad7456a33be1ef40d96f16c66dccb28
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
911ec9331623f78e1fa54c99acb46484137171087180b6b0db2c3a2f831d52a2
9d8dd904f2a4384102930a15130f6bf0fcf3f132cafecd4d25c626bc58dce55c
a10a4d0cd9bbbd50cdb98fefb19a5fff77a79c8e3290c120edf638d27e40c29b
a790d9c7cfbcbb281ac9c30c714a28f3071d3d5f26b8a302fb821472e63a67d0
aba04e615c95305b30642e439119960999058829ddcfc0f383cdabccfedda4d4
b28e92012b6ae42166a2bcb3ad556a195db7803a963e26eb2980b2fd7954f2e4
bca52c4e13a919e9498f8e7fc39fda45b124c0481d60f94865c89bd1ef98a329
bd889b42115a920bc2e8e1eb2f18fbd946847462c0beb173cb726f4136062983
bfef520da48dd3215d766ea947ccd83b8d26588829206c62e058f643c3d4c1b8
c8f2fbc4d9989e0497b4c28dfce86c0434adb6d222cc052d86abfe33fc603021
cb4feca4dd115a73d93c997022f50cc8ed84a0d716c0dd43ebd03a8901fec434
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d99eca568bf6aa97d6a32c7f6b21375b78ae636c507890659d4bd1ef8d1ff7e1
e213b3a3435ce8c6188d7db8f00aaf2d1ec5458f95b877ad0a88a44af8b7bf60
e29252e62da9506dac3650459784646eb7f4f6e2928cf157ef14cd21f1e34cb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8a8458ba95f77d433111269da2dcb82e0a17240c10dffa9ba0d38eb4323a1fc
fb83a22b9431ed44fc4216980e25159afa5cd22e762de3d4c0e4390033bcaeed
fc0a6e11e21ffc94010e635abbf0e7f4fd601d9b397133d2fdfb2940a441cb84
fe9a3e0d82f7d7dcd488d2cb2d56ff67e1b9782e4db18f61fc0d2b7246df76de