habr.com Open in urlscan Pro
178.248.237.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://habr.com/ru/company/dsec/blog/454592/
Submission: On June 05 via manual (June 5th 2019, 9:29:08 pm UTC) from US

Summary HTTP 56 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 14 domains to perform 56 HTTP transactions. The main IP is 178.248.237.68, located in Russian Federation and belongs to QRATOR, RU. The main domain is habr.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 14th 2018. Valid for: 2 years.

This is the only time habr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	178.248.237.68 178.248.237.68	197068 (QRATOR) (QRATOR)
10	82.192.95.175 82.192.95.175	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
9 9	95.213.152.170 95.213.152.170	50340 (SELECTEL-MSK) (SELECTEL-MSK)
9	2606:4700:20:... 2606:4700:20::6819:b71c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	217.69.139.231 217.69.139.231	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	178.248.232.25 178.248.232.25	197068 (QRATOR) (QRATOR)
1 5	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
56	13

8 178.248.237.68 (Russian Federation) 1 redirects

ASN197068 (QRATOR, RU)

habr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 82.192.95.175 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: assets.habranet.net

dr.habracdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.213.152.170 (Moscow, Russian Federation) 9 redirects

ASN50340 (SELECTEL-MSK, RU)

habrastorage.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::6819:b71c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hsto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.69.139.231 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: collector.mediator.media

mediator.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.248.232.25 (Russian Federation)

ASN197068 (QRATOR, RU)

account.habr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	habracdn.net dr.habracdn.net	280 KB
9	hsto.org hsto.org	1 MB
9	habrastorage.org 9 redirects habrastorage.org	2 KB
9	habr.com 1 redirects habr.com account.habr.com	217 KB
6	mail.ru mediator.mail.ru	11 KB
5	google-analytics.com 1 redirects www.google-analytics.com	38 KB
5	yandex.ru 1 redirects mc.yandex.ru	42 KB
5	cloudflare.com cdnjs.cloudflare.com	153 KB
3	facebook.net connect.facebook.net	78 KB
3	facebook.com www.facebook.com	316 B
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	357 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	317 B
2	twitter.com platform.twitter.com	28 KB
56	14

	Domain	Requested by
10	dr.habracdn.net	habr.com
9	hsto.org	habr.com
9	habrastorage.org	9 redirects
8	habr.com	1 redirects habr.com
6	mediator.mail.ru	habr.com
5	www.google-analytics.com	1 redirects habr.com www.google-analytics.com
5	mc.yandex.ru	1 redirects habr.com
5	cdnjs.cloudflare.com	habr.com cdnjs.cloudflare.com
3	connect.facebook.net	habr.com connect.facebook.net
3	www.facebook.com	dr.habracdn.net habr.com connect.facebook.net
2	www.google.de	habr.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	platform.twitter.com	habr.com platform.twitter.com
1	account.habr.com	dr.habracdn.net
56	15

This site contains links to these domains. Also see Links.

Domain
toster.ru
moikrug.ru
freelansim.ru
github.com
dev.w3.org
www.jsfuck.com
utf-8.jp
syllab.fr
unicode.org
hackerone.com
waf.ninja
medium.com
www.slideshare.net
twitter.com
api.test.com
portswigger.net
dsec.ru
facebook.com
www.facebook.com
vk.com
t.me
getpocket.com
zeronights.ru
www.twitter.com
t.co
account.habr.com
tmtm.ru
appmetrica.yandex.com
m.habr.com
telegram.me
www.youtube.com
zen.yandex.ru

Subject Issuer	Validity	Valid
habr.com COMODO RSA Domain Validation Secure Server CA	`2018-03-14` - `2020-03-13`	2 years	crt.sh
dr.habracdn.net COMODO RSA Domain Validation Secure Server CA	`2017-12-15` - `2020-12-14`	3 years	crt.sh
hsto.org CloudFlare Inc ECC CA-2	`2019-02-11` - `2020-02-11`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2017-12-19` - `2020-03-26`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-07-21`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
account.habr.com COMODO RSA Domain Validation Secure Server CA	`2018-12-11` - `2020-12-10`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://habr.com/ru/company/dsec/blog/454592/
Frame ID: BA57181DCCA32E956220483B9F94E5CB
Requests: 54 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDSecRU%2F&width=260&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: AC5D86E7A1EA0AB08D7A3BAA555F5F8A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=https%3A%2F%2Fhabr.com
Frame ID: E842C4F41988E9407ECB8D7472981989
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F747376C269EF0595742BD90475276F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

MathJax (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

env /^MathJax$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

56
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

13
IPs

6
Countries

2026 kB
Transfer

3710 kB
Size

13
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://toster.ru/?utm_source=tm_habrahabr&utm_medium=tm_top_panel&utm_campaign=tm_promo
Title: Тостер

Search URL Search Domain Scan URL

URL: https://moikrug.ru/?utm_source=tm_habrahabr&utm_medium=tm_top_panel&utm_campaign=tm_promo
Title: Мой круг

Search URL Search Domain Scan URL

URL: https://freelansim.ru/?utm_source=tm_habrahabr&utm_medium=tm_top_panel&utm_campaign=tm_promo
Title: Фрилансим

Search URL Search Domain Scan URL

URL: https://github.com/client9/libinjection
Title: libinjection

Search URL Search Domain Scan URL

URL: https://dev.w3.org/html5/html-author/charref
Title: here

Search URL Search Domain Scan URL

URL: http://www.jsfuck.com/
Title: JSFuck

Search URL Search Domain Scan URL

URL: http://utf-8.jp/public/jjencode.html
Title: Jjencode

Search URL Search Domain Scan URL

URL: https://syllab.fr/projets/experiments/xcharsjs/5chars.pipeline.html
Title: Xchars.js

Search URL Search Domain Scan URL

URL: http://unicode.org/charts/normalization/
Title: Unicode normalization table

Search URL Search Domain Scan URL

URL: https://hackerone.com/reports/231444
Title: hackerone.com/reports/231444

Search URL Search Domain Scan URL

URL: https://hackerone.com/reports/231389
Title: hackerone.com/reports/231389

Search URL Search Domain Scan URL

URL: https://github.com/attackercan/cpp-sql-fuzzer
Title: chear sheet

Search URL Search Domain Scan URL

URL: https://github.com/2d8/libinjection-fuzzer
Title: Another fuzzer

Search URL Search Domain Scan URL

URL: https://waf.ninja/libinjection-fuzz-to-bypass/
Title: Fuzz to bypass

Search URL Search Domain Scan URL

URL: https://medium.com/@d0znpp/how-to-bypass-libinjection-in-many-waf-ngwaf-1e2513453c0f
Title: How to bypasss libinjection

Search URL Search Domain Scan URL

URL: https://www.slideshare.net/ssusera0a306/zeronights-2016-a-blow-under-the-belt-how-to-avoid-wafipsdlp-wafipsdlp
Title: slides

Search URL Search Domain Scan URL

URL: https://twitter.com/i_bo0om
Title: Bo0oM

Search URL Search Domain Scan URL

URL: http://api.test.com/getuser?id=123
Title: api.test.com/getuser?id=123

Search URL Search Domain Scan URL

URL: http://api.test.com/setMarkDown
Title: api.test.com/setMarkDown

Search URL Search Domain Scan URL

URL: https://github.com/lightbulb-framework/lightbulb-framework
Title: lightbulb-framework

Search URL Search Domain Scan URL

URL: https://portswigger.net/bappstore/bapps/details/ae2611da3bbc4687953a1f4ba6a4e04c
Title: Bypass WAF

Search URL Search Domain Scan URL

URL: https://github.com/EnableSecurity/wafw00f
Title: WAFW00F

Search URL Search Domain Scan URL

URL: https://twitter.com/barracud4_
Title: Ilia Bulatov

Search URL Search Domain Scan URL

URL: https://twitter.com/_ttffdd_
Title: Denis Rybin

Search URL Search Domain Scan URL

URL: https://twitter.com/webr0ck
Title: Alexander Romanov

Search URL Search Domain Scan URL

URL: http://dsec.ru/
Title: Сайт

Search URL Search Domain Scan URL

URL: https://facebook.com/Digital-Security-553106818075570
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/dsecru
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://habr.com/ru/company/dsec/blog/454592/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=WAF+through+the+eyes+of+hackers+https://habr.com/p/454592/+via+%40habr_com
Title:

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https://habr.com/ru/company/dsec/blog/454592/
Title:

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://habr.com/ru/company/dsec/blog/454592/&title=WAF%20through%20the%20eyes%20of%20hackers
Title:

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://habr.com/ru/company/dsec/blog/454592/&title=WAF%20through%20the%20eyes%20of%20hackers
Title:

Search URL Search Domain Scan URL

URL: https://dsec.ru/
Title: dsec.ru

Search URL Search Domain Scan URL

URL: http://zeronights.ru/
Title: ZeroNights — международная конференция, посвященная техническим аспектам информационной безопасности

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZeroNightsConf
Title: ZeroNights в FaceBook

Search URL Search Domain Scan URL

URL: http://vk.com/ZeroNightsConf
Title: ZeroNights vKontakte

Search URL Search Domain Scan URL

URL: https://twitter.com/DSecRU
Title: DSecRU

Search URL Search Domain Scan URL

URL: https://www.twitter.com/habr_com
Title: habr_com

Search URL Search Domain Scan URL

URL: https://t.co/T0fY1gLI2q
Title: https://t.co/T0fY1gLI2q

Search URL Search Domain Scan URL

URL: https://www.twitter.com/DSecRU
Title: DSecRU

Search URL Search Domain Scan URL

URL: https://t.co/kKFDZfN3y2
Title: https://t.co/kKFDZfN3y2

Search URL Search Domain Scan URL

URL: https://t.co/VIOJl22fHc
Title: https://t.co/VIOJl22fHc

Search URL Search Domain Scan URL

URL: https://account.habr.com/info/agreement/?hl=ru_RU
Title: Соглашение

Search URL Search Domain Scan URL

URL: https://account.habr.com/info/confidential/?hl=ru_RU
Title: Конфиденциальность

Search URL Search Domain Scan URL

URL: https://tmtm.ru/services/advertising/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://tmtm.ru/services/corpblog/
Title: Тарифы

Search URL Search Domain Scan URL

URL: https://tmtm.ru/services/content/
Title: Контент

Search URL Search Domain Scan URL

URL: https://tmtm.ru/workshops/
Title: Семинары

Search URL Search Domain Scan URL

URL: https://appmetrica.yandex.com/serve/240693928167260216?utm_source=HH_desktop&utm_medium=button&utm_campaign=appiOS

Search URL Search Domain Scan URL

URL: https://appmetrica.yandex.com/serve/745097116363323173?id=ru.habrahabr&utm_source=HH_desktop&utm_medium=button&utm_campaign=appAndroid

Search URL Search Domain Scan URL

URL: https://tmtm.ru/
Title: TM

Search URL Search Domain Scan URL

URL: https://m.habr.com/post/454592/?mobile=yes
Title: Мобильная версия

Search URL Search Domain Scan URL

URL: https://twitter.com/habr_com
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/habrahabr.ru
Title:

Search URL Search Domain Scan URL

URL: https://vk.com/habr
Title:

Search URL Search Domain Scan URL

URL: https://telegram.me/habr_com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCd_sTwKqVrweTt4oAKY5y4w
Title:

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/habr
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://habrastorage.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png HTTP 302
https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png

Request Chain 6

https://habrastorage.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg HTTP 302
https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg

Request Chain 7

https://habrastorage.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png HTTP 302
https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png

Request Chain 8

https://habrastorage.org/webt/59/e3/95/59e395af93092095133873.png HTTP 302
https://hsto.org/webt/59/e3/95/59e395af93092095133873.png

Request Chain 9

https://habrastorage.org/webt/59/e3/95/59e395af93c4f468367566.png HTTP 302
https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png

Request Chain 10

https://habrastorage.org/webt/59/e3/95/59e395afb9650235665851.png HTTP 302
https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png

Request Chain 11

https://habrastorage.org/webt/59/e3/77/59e3770e949f3269504620.png HTTP 302
https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png

Request Chain 12

https://habrastorage.org/webt/59/e4/fc/59e4fc4eee061363676501.png HTTP 302
https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png

Request Chain 13

https://habrastorage.org/webt/59/e5/54/59e55464f2331285132470.png HTTP 302
https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png

Request Chain 34

https://habr.com/toplink/ HTTP 302
https://habr.com/ru/toplink/

Request Chain 41

https://mc.yandex.ru/watch/24049213?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80 HTTP 302
https://mc.yandex.ru/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80

Request Chain 46

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&gjid=1987003073&_gid=364082450.1559770133&_u=aGDAiEADR~&z=850260856 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502

Request Chain 47

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDACEADR~&jid=1474285606&gjid=372360934&cid=751929478.1559770133&tid=UA-726094-24&_gid=364082450.1559770133&_r=1&cd1=guest&cd2=habrahabr&cd4=no&z=770722134 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_gid=364082450.1559770133&gjid=372360934&_v=j76&z=770722134 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
habr.com/ru/company/dsec/blog/454592/ 247 KB
51 KB 538ms
501ms Document
text/html 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR / PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

e213b3a3435ce8c6188d7db8f00aaf2d1ec5458f95b877ad0a88a44af8b7bf60

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: habr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: QRATOR
Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options: SAMEORIGIN
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
X-Proxy-Cache-Status: MISS
X-Proxy-Upstream: habrcom-web

GET
H/1.1 200
OK main.bundle.css
dr.habracdn.net/habrcom/styles/1559738781/ 280 KB
45 KB 104ms
34ms Stylesheet
text/css 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/styles/1559738781/main.bundle.css
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: e29252e62da9506dac3650459784646eb7f4f6e2928cf157ef14cd21f1e34cb4

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:48:03 GMT
Server: nginx
ETag: W/"5cf7ba03-46071"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/libs/ 91 KB
33 KB 109ms
37ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/jquery-1.8.3.min.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:47:41 GMT
Server: nginx
ETag: W/"5cf7b9ed-16dc4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H/1.1 200
OK raven.min.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/libs/ 37 KB
14 KB 110ms
36ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/raven.min.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: 2afde481f885e44a63082aea8936e0704c1be721fb3f752ba79465cd6ddfbd15

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:47:41 GMT
Server: nginx
ETag: W/"5cf7b9ed-92e5"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H/1.1 200
OK advertise.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/_parts/ 37 B
488 B 102ms
20ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/_parts/advertise.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: 359fd42a97c9d64be6952af8bae0ebbc592377949e8213a6d8be172e6846f9d9

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:47:43 GMT
Server: nginx
ETag: W/"5cf7b9ef-25"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H/1.1 200
OK adriver.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/_parts/ 111 B
566 B 105ms
20ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/_parts/adriver.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: aba04e615c95305b30642e439119960999058829ddcfc0f383cdabccfedda4d4

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:47:43 GMT
Server: nginx
ETag: W/"5cf7b9ef-6f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H2

200

d003ada9b9491503aa850f6cbcc56abb.png
hsto.org/getpro/habr/company/d00/3ad/a9b/
Redirect Chain

https://habrastorage.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png

1 KB
2 KB

62ms
13ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911ec9331623f78e1fa54c99acb46484137171087180b6b0db2c3a2f831d52a2

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status: HIT
cf-polished: pngoptimizer, origSize=2318
status: 200
cf-bgj: imgq:100
content-length: 1518
last-modified: Mon, 19 Dec 2016 05:25:14 GMT
server: cloudflare
etag: "58576f3a-90e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d225a7ed6bd-FRA
expires: Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location: https://hsto.org/getpro/habr/company/d00/3ad/a9b/d003ada9b9491503aa850f6cbcc56abb.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

29cd5f2e42a3169d712fad2f7733a366.jpg
hsto.org/getpro/habr/avatars/29c/d5f/2e4/
Redirect Chain

https://habrastorage.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg

5 KB
5 KB

60ms
11ms

Image
image/jpeg

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3341037c73f7698ebb36caf03e3d2ff8209207da5190373b5303931c35cb46

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status: HIT
cf-polished: origSize=5446
status: 200
cf-bgj: imgq:100
content-length: 4912
last-modified: Mon, 09 Oct 2017 22:21:20 GMT
server: cloudflare
etag: "59dbf660-1546"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d225a7fd6bd-FRA
expires: Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location: https://hsto.org/getpro/habr/avatars/29c/d5f/2e4/29cd5f2e42a3169d712fad2f7733a366.jpg
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

nxmmyzb6nr39jk_zmiu5wcnylbm.png
hsto.org/webt/nx/mm/yz/
Redirect Chain

https://habrastorage.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png

261 KB
262 KB

17ms
17ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb4feca4dd115a73d93c997022f50cc8ed84a0d716c0dd43ebd03a8901fec434

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status: HIT
cf-polished: origSize=280967
status: 200
cf-bgj: imgq:100
content-length: 267542
last-modified: Mon, 03 Jun 2019 10:40:04 GMT
server: cloudflare
etag: "5cf4f904-44987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d22bbaad6bd-FRA
expires: Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location: https://hsto.org/webt/nx/mm/yz/nxmmyzb6nr39jk_zmiu5wcnylbm.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

59e395af93092095133873.png
hsto.org/webt/59/e3/95/
Redirect Chain

https://habrastorage.org/webt/59/e3/95/59e395af93092095133873.png
https://hsto.org/webt/59/e3/95/59e395af93092095133873.png

108 KB
108 KB

11ms
11ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/webt/59/e3/95/59e395af93092095133873.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8a8458ba95f77d433111269da2dcb82e0a17240c10dffa9ba0d38eb4323a1fc

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:52 GMT
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
content-length: 110113
last-modified: Sun, 15 Oct 2017 17:06:55 GMT
server: cloudflare
etag: "59e395af-1ae21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d22bbadd6bd-FRA
expires: Sat, 02 Jun 2029 21:28:52 GMT

Redirect headers

Location: https://hsto.org/webt/59/e3/95/59e395af93092095133873.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

59e395af93c4f468367566.png
hsto.org/webt/59/e3/95/
Redirect Chain

https://habrastorage.org/webt/59/e3/95/59e395af93c4f468367566.png
https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png

92 KB
92 KB

16ms
12ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9a3e0d82f7d7dcd488d2cb2d56ff67e1b9782e4db18f61fc0d2b7246df76de

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
content-length: 93905
last-modified: Sun, 15 Oct 2017 17:06:55 GMT
server: cloudflare
etag: "59e395af-16ed1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d234da3d6bd-FRA
expires: Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location: https://hsto.org/webt/59/e3/95/59e395af93c4f468367566.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

59e395afb9650235665851.png
hsto.org/webt/59/e3/95/
Redirect Chain

https://habrastorage.org/webt/59/e3/95/59e395afb9650235665851.png
https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png

141 KB
141 KB

19ms
15ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfef520da48dd3215d766ea947ccd83b8d26588829206c62e058f643c3d4c1b8

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status: HIT
cf-polished: status=not_needed
status: 200
cf-bgj: imgq:100
content-length: 144280
last-modified: Sun, 15 Oct 2017 17:06:55 GMT
server: cloudflare
etag: "59e395af-23398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d234da5d6bd-FRA
expires: Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location: https://hsto.org/webt/59/e3/95/59e395afb9650235665851.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

59e3770e949f3269504620.png
hsto.org/webt/59/e3/77/
Redirect Chain

https://habrastorage.org/webt/59/e3/77/59e3770e949f3269504620.png
https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png

50 KB
50 KB

13ms
12ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28e92012b6ae42166a2bcb3ad556a195db7803a963e26eb2980b2fd7954f2e4

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status: HIT
cf-polished: pngoptimizer, origSize=66027
status: 200
cf-bgj: imgq:100
content-length: 51359
last-modified: Sun, 15 Oct 2017 14:56:14 GMT
server: cloudflare
etag: "59e3770e-101eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d235db2d6bd-FRA
expires: Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location: https://hsto.org/webt/59/e3/77/59e3770e949f3269504620.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

59e4fc4eee061363676501.png
hsto.org/webt/59/e4/fc/
Redirect Chain

https://habrastorage.org/webt/59/e4/fc/59e4fc4eee061363676501.png
https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png

54 KB
54 KB

281ms
277ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6537196c55e39e35f59eca829e70f280423f2e69e500203cafc5017b7ba179ae

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status: HIT
cf-polished: pngoptimizer, origSize=56741
status: 200
cf-bgj: imgq:100
content-length: 55615
last-modified: Mon, 16 Oct 2017 18:37:03 GMT
server: cloudflare
etag: "59e4fc4f-dda5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d251b10d6bd-FRA
expires: Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location: https://hsto.org/webt/59/e4/fc/59e4fc4eee061363676501.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

59e55464f2331285132470.png
hsto.org/webt/59/e5/54/
Redirect Chain

https://habrastorage.org/webt/59/e5/54/59e55464f2331285132470.png
https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png

467 KB
468 KB

16ms
13ms

Image
image/png

2606:4700:20::6819:b71c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:b71c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ccaf41bcfc89670793da81a140a57fbc8b3b1bdb47c876dd04666449ca679c4

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
cf-cache-status: HIT
cf-polished: origSize=545595
status: 200
cf-bgj: imgq:100
content-length: 478533
last-modified: Tue, 17 Oct 2017 00:52:53 GMT
server: cloudflare
etag: "59e55465-8533b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e253d24a9e2d6bd-FRA
expires: Sat, 02 Jun 2029 21:28:53 GMT

Redirect headers

Location: https://hsto.org/webt/59/e5/54/59e55464f2331285132470.png
Date: Wed, 05 Jun 2019 21:28:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H/1.1 200
OK vendors.bundle.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/ 286 KB
92 KB 27ms
18ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/vendors.bundle.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: 05d717091368bbc4f0a27dec92a58f99eb5c226a4e7529b9bcb29ef33231bebf

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:48:03 GMT
Server: nginx
ETag: W/"5cf7ba03-47816"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H/1.1 200
OK main.bundle.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/ 139 KB
38 KB 24ms
21ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/main.bundle.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: 10ba48fa782bc4809eea111944c8655597e84c74bb370e8d589b005be5c5726f

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:48:03 GMT
Server: nginx
ETag: W/"5cf7ba03-22a5d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H2 200 MathJax.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/ 62 KB
18 KB 19ms
16ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

48344fd55558bbeb600062a175d052979f9ece87c7299788f8ecf16a46c87bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:52 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:23:44 GMT
server: cloudflare
etag: W/"5afd4a20-f648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 May 2020 21:28:52 GMT
cache-control: public, max-age=30672000
cf-ray: 4e253d212a7364b5-FRA
served-in-seconds: 0.003

GET
H/1.1 200
OK highlight.pack.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/libs/ 8 KB
4 KB 21ms
18ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/highlight.pack.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: a790d9c7cfbcbb281ac9c30c714a28f3071d3d5f26b8a302fb821472e63a67d0

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:47:41 GMT
Server: nginx
ETag: W/"5cf7b9ed-1ffd"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:06 GMT

GET
H/1.1 200
OK highlight.langs.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/libs/ 155 KB
52 KB 44ms
41ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/highlight.langs.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: fc0a6e11e21ffc94010e635abbf0e7f4fd601d9b397133d2fdfb2940a441cb84

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:47:41 GMT
Server: nginx
ETag: W/"5cf7b9ed-26cea"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:06 GMT

GET
H/1.1 200
OK check-login.js Show response
dr.habracdn.net/habrcom/javascripts/1559738781/ 607 B
769 B 24ms
22ms Script
application/javascript 82.192.95.175
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/check-login.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.192.95.175 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: assets.habranet.net
Software: nginx /
Resource Hash: d99eca568bf6aa97d6a32c7f6b21375b78ae636c507890659d4bd1ef8d1ff7e1

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 12:47:41 GMT
Server: nginx
ETag: W/"5cf7b9ed-25f"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 05 Jul 2019 12:48:05 GMT

GET
H/1.1 200
OK / Show response
habr.com/ru/viewcount/post/454592/ 0
877 B 97ms
66ms Script
text/javascript 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/ru/viewcount/post/454592/

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR / PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Keep-Alive: timeout=15
Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript;charset=UTF-8
Server: QRATOR
X-Powered-By: PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Transfer-Encoding: chunked
Connection: keep-alive
X-Proxy-Upstream: habrcom-web
Vary: Accept-Encoding
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000

GET
H/1.1 200
OK firaSans-medium.woff2
habr.com/fonts/0/FiraSans/ 157 KB
158 KB 87ms
86ms Font
font/woff2 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/fonts/0/FiraSans/firaSans-medium.woff2

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

a10a4d0cd9bbbd50cdb98fefb19a5fff77a79c8e3290c120edf638d27e40c29b

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://habr.com/ru/company/dsec/blog/454592/
Origin: https://habr.com

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
X-Proxy-Upstream: habrcom-web
Last-Modified: Thu, 25 Oct 2018 10:44:12 GMT
Server: QRATOR
X-Proxy-Cache-Status: HIT
ETag: "5bd19e7c-2737c"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: font/woff2
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 160636
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Expires: Thu, 04 Jul 2019 01:22:45 GMT

GET
H/1.1 200
OK px.gif
habr.com/images/ 43 B
629 B 78ms
52ms Image
image/gif 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://habr.com/images/px.gif?ch=1&rn=9.638015271306644

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
X-Proxy-Upstream: habrcom-web
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: QRATOR
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/gif
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 43
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000

GET
H/1.1 200
OK px.gif
habr.com/images/ 43 B
629 B 78ms
51ms Image
image/gif 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://habr.com/images/px.gif?ch=2&rn=9.638015271306644

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
X-Proxy-Upstream: habrcom-web
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: QRATOR
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/gif
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 43
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000

GET
H/1.1 200
OK common-svg-sprite.svg
habr.com/images/1559738781/ 6 KB
3 KB 148ms
130ms Other
image/svg+xml 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/images/1559738781/common-svg-sprite.svg

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

9d8dd904f2a4384102930a15130f6bf0fcf3f132cafecd4d25c626bc58dce55c

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
X-Proxy-Cache-Status: HIT
Transfer-Encoding: chunked
Connection: keep-alive
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
X-Proxy-Upstream: habrcom-web
Last-Modified: Tue, 15 Jan 2019 09:33:24 GMT
Server: QRATOR
ETag: W/"5c3da8e4-19b6"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Keep-Alive: timeout=15
Expires: Fri, 05 Jul 2019 12:48:49 GMT

GET
H2 200 / Show response
mediator.mail.ru/script/2820404/ 25 KB
10 KB 260ms
117ms Script
application/javascript 217.69.139.231
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://mediator.mail.ru/script/2820404/
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: collector.mediator.media
Software: nginx/1.12.2 /
Resource Hash: c8f2fbc4d9989e0497b4c28dfce86c0434adb6d222cc052d86abfe33fc603021

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 05 Jun 2019 21:28:52 GMT
cache-control: private, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: nginx/1.12.2
content-encoding: gzip
content-type: application/javascript

GET
DATA 200
OK truncated
/ 1018 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f0f32f49883bf0cf384f663d64b06f4bdb5fa9806eed81f825f20d289b0c71a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 page.php
www.facebook.com/plugins/ Frame AC5D 0
0 164ms
150ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDSecRU%2F&width=260&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: dr.habracdn.net
URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/jquery-1.8.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDSecRU%2F&width=260&height=300&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://habr.com/ru/company/dsec/blog/454592/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://habr.com/ru/company/dsec/blog/454592/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: /wdxW470tcPQmLEA3kodVUcWRafujKnnWaAffZBw7aIby4PB3tGViTg/sjGVRc3+alMVwbIPx7vc/dRjyeEuYw==
date: Wed, 05 Jun 2019 21:28:52 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 40ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B6) /
Resource Hash: 0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Jun 2019 16:50:27 GMT
Server: ECS (fcn/40B6)
Etag: "c0ccc06d58626dbfe4c4102bca9dfe9c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28050

GET
H2 200 ru.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru/ 3 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru/ru.js?V=2.7.1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bca52c4e13a919e9498f8e7fc39fda45b124c0481d60f94865c89bd1ef98a329

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:23:55 GMT
server: cloudflare
etag: W/"5afd4a2b-ca1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 May 2020 21:28:53 GMT
cache-control: public, max-age=30672000
cf-ray: 4e253d235c3264b5-FRA
served-in-seconds: 0.000

GET
H2 200 TeX-AMS_SVG-full.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/config/ 273 KB
75 KB 15ms
14ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/config/TeX-AMS_SVG-full.js?V=2.7.1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

625806b9470bbf0838832c12de4250b0107195316009ab6d6bef31e0f08cea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:23:44 GMT
server: cloudflare
etag: W/"5afd4a20-4432f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 May 2020 21:28:53 GMT
cache-control: public, max-age=30672000
cf-ray: 4e253d236c3364b5-FRA
served-in-seconds: 0.004

GET
H2 200 /
mediator.mail.ru/script/2820404/register/ 4 B
147 B 58ms
57ms Image
application/octet-stream 217.69.139.231
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=v&wc=4634
Requested by: Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: collector.mediator.media
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 05 Jun 2019 21:28:53 GMT
cache-control: private, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: nginx/1.12.2
content-type: application/octet-stream

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 132 KB
39 KB 71ms
33ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

4cb9f1d889f92113dbb3129f45523b0db93a4efd42090ff8eb122bc70b600732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding: br
Last-Modified: Tue, 04 Jun 2019 07:46:17 GMT
Server: nginx/1.12.2
ETag: "5cf621c9-9b15"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 39701
Expires: Wed, 05 Jun 2019 22:28:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 54 KB
17 KB 42ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16245
x-xss-protection: 0
pragma: public
x-fb-debug: 8uSWtykTV3ktz3VDrbkHIxKTim1pZ6kAdos9fnvnUvcF72T7fPzjoh6sHPTSTqk30753IKY2g5N6jeqgQPdl5w==
date: Wed, 05 Jun 2019 21:28:53 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

/ Show response
habr.com/ru/toplink/
Redirect Chain

https://habr.com/toplink/
https://habr.com/ru/toplink/

567 B
790 B

57ms
57ms

XHR
application/json

178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://habr.com/ru/toplink/

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR / PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

86e18d9467341bc557003599168a94e31ad7456a33be1ef40d96f16c66dccb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: QRATOR
X-Powered-By: PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options: SAMEORIGIN
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Keep-Alive: timeout=15

Redirect headers

Date: Wed, 05 Jun 2019 21:28:53 GMT
X-Content-Type-Options: nosniff
Server: QRATOR
Location: https://habr.com/ru/toplink/
X-Powered-By: PHP/7.2.18-1+ubuntu16.04.1+deb.sury.org+1
X-Frame-Options: SAMEORIGIN
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=15

GET
H/1.1 200
OK / Show response
account.habr.com/checklogin/ 38 B
1 KB 318ms
183ms Script
application/x-javascript 178.248.232.25
QRATOR

General

Check archive.org

Show headers Download Go to

Full URL

https://account.habr.com/checklogin/?_=1559770133120

Requested by

Host: dr.habracdn.net
URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/jquery-1.8.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.232.25 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR / PHP/7.2.16-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

fb83a22b9431ed44fc4216980e25159afa5cd22e762de3d4c0e4390033bcaeed

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.2.16-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA", CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Connection: keep-alive
Vary: Accept-Encoding
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Server: QRATOR
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html
platform.twitter.com/widgets/ Frame E842 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d753e00c3e838c1b2558149bd3f6ecb8.html?origin=https%3A%2F%2Fhabr.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://habr.com/ru/company/dsec/blog/454592/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://habr.com/ru/company/dsec/blog/454592/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Jun 2019 21:28:53 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Wed, 05 Jun 2019 16:49:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E4)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 2506
date: Wed, 05 Jun 2019 20:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Wed, 05 Jun 2019 22:47:07 GMT

GET
H2 200 317458588730613 Show response
connect.facebook.net/signals/config/ 228 KB
61 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/317458588730613?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

bd889b42115a920bc2e8e1eb2f18fbd946847462c0beb173cb726f4136062983

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61415
x-xss-protection: 0
pragma: public
x-fb-debug: pdI8TX1dO9Ba7IuZQE8Aw9Q+InXqaAOMV46P0slOckoc74qLoBpPLcULGovwbAhhs8iPOJ0VMOrkw5suMR2XyA==
date: Wed, 05 Jun 2019 21:28:53 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 53 KB
20 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-559GVC8&cid=751929478.1559770133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

25a3390c286888dfb519af7dbf8f7ce40aae8760ec007c6ceda0724e88101088

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 20332
x-xss-protection: 0
expires: Wed, 05 Jun 2019 21:28:53 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDACEABR~&jid=2107803205&gjid=1017172994&cid=751929478.1559770133&tid=UA-116538445-2&_gid=364082450.1559770133&_r=1&z=560446820

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/24049213/
Redirect Chain

https://mc.yandex.ru/watch/24049213?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%...
https://mc.yandex.ru/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3As...

0
-1 B

18ms
17ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Jun 2019 21:28:53 GMT
Last-Modified: Wed, 05-Jun-2019 21:28:53 GMT
Server: nginx/1.12.2
Location: /watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://habr.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 05-Jun-2019 21:28:53 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Jun 2019 21:28:53 GMT
Last-Modified: Wed, 05-Jun-2019 21:28:53 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: https://habr.com
Strict-Transport-Security: max-age=31536000
Location: /watch/24049213/1?wmode=7&page-url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1559770131949%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190605212853%3Aet%3A1559770133%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A762425127%3Ahid%3A851118116%3Ads%3A17%2C19%2C501%2C33%2C0%2C0%2C0%2C570%2C86%2C%2C%2C%2C1111%3Afp%3A832%3Awn%3A48457%3Ahl%3A2%3Agdpr%3A14%3Av%3A1545%3Ast%3A1559770133%3Au%3A1559770133314513610%3At%3AWAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 05-Jun-2019 21:28:53 GMT

GET
H2 200 fontdata.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/jax/output/SVG/fonts/TeX/ 140 KB
55 KB 22ms
21ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/jax/output/SVG/fonts/TeX/fontdata.js?V=2.7.1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

69b244afac2c4149ebf2ea7dad8a908f8a126c6485f42c23b9bb521f9f7011d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:22:41 GMT
server: cloudflare
etag: W/"5afd49e1-230d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 May 2020 21:28:53 GMT
cache-control: public, max-age=30672000
cf-ray: 4e253d252ddb64b5-FRA
served-in-seconds: 0.035

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 39ms
17ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 05 Jun 2019 21:28:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.12.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Wed, 05 Jun 2019 22:28:53 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/24049213/ 133 B
677 B 67ms
47ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

120276d47f374c766b480c2c571d358921396aed6af5bb80fc996021dc095f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
Origin: https://habr.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 05 Jun 2019 21:28:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05-Jun-2019 21:28:53 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://habr.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Wed, 05-Jun-2019 21:28:53 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
5ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes%20of%20hackers%20%2F%20%D0%91%D0%BB%D0%BE%D0%B3%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D0%B8%20Digital%20Security%20%2F%20%D0%A5%D0%B0%D0%B1%D1%80&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAiEADR~&jid=2029470880&gjid=1987003073&cid=751929478.1559770133&tid=UA-726094-1&_gid=364082450.1559770133&cd1=guest&cd2=publish_corp&cd3=na&cd4=no&cd6=ru&z=1273245065

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2019 08:50:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 477499
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&gjid=1987003073&_gid=364082450.1559770133&_u=aGDAiEADR~&z=850260856
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502

42 B
109 B

24ms
23ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-1&cid=751929478.1559770133&jid=2029470880&_v=j76&z=850260856&slf_rd=1&random=3379185502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1073817074&t=pageview&_s=1&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&ul=en-us&de=UTF-8&dt=WAF%20through%20the%20eyes...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_gid=364082450.1559770133&gjid=372360934&_v=j76&z=770722134
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915

42 B
109 B

23ms
20ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Jun 2019 21:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-726094-24&cid=751929478.1559770133&jid=1474285606&_v=j76&z=770722134&slf_rd=1&random=1522392915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
898 B 12ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: xEd++OLMe9X6b4p9UITrESsxAaP3cyVx11IGoseZ5ZKIykr7+2CeALmP6LyS6n/VlIzky50FboZ+xzJjUw8oIw==
date: Wed, 05 Jun 2019 21:28:53 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
316 B 10ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=317458588730613&ev=PageView&dl=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&rl=&if=false&ts=1559770133456&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1559770133435.1308381878&it=1559770133178&coo=false&rqm=GET

Requested by

Host: habr.com
URL: https://habr.com/ru/company/dsec/blog/454592/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 05 Jun 2019 21:28:53 GMT

GET
H2 200 /
mediator.mail.ru/script/2820404/register/ 4 B
147 B 58ms
57ms Image
application/octet-stream 217.69.139.231
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=s0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: collector.mediator.media
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 05 Jun 2019 21:28:53 GMT
cache-control: private, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: nginx/1.12.2
content-type: application/octet-stream

POST
H2 200 /
www.facebook.com/tr/ Frame F747 0
0 6ms
6ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3644
pragma: no-cache
cache-control: no-cache
origin: https://habr.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://habr.com/ru/company/dsec/blog/454592/
accept-encoding: gzip, deflate, br
cookie: fr=0hjLsZdwYyw2AAhOF..Bc-DQV...1.0.Bc-DQV.
Origin: https://habr.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://habr.com/ru/company/dsec/blog/454592/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://habr.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen
date: Wed, 05 Jun 2019 21:28:53 GMT

GET
H2 200 MathMenu.js Show response
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru/ 15 KB
3 KB 12ms
12ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/localization/ru/MathMenu.js?V=2.7.1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS_SVG-full&locale=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7469c345ae24362b321999c9c53b45a7206fec9e976c5dc817f94e2e3ace6209

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:28:54 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:22:41 GMT
server: cloudflare
etag: W/"5afd49e1-3a1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 May 2020 21:28:54 GMT
cache-control: public, max-age=30672000
cf-ray: 4e253d2d3c6b64b5-FRA
served-in-seconds: 0.025

GET
H2 200 /
mediator.mail.ru/script/2820404/register/ 4 B
147 B 58ms
57ms Image
application/octet-stream 217.69.139.231
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=ts0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: collector.mediator.media
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 05 Jun 2019 21:28:58 GMT
cache-control: private, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: nginx/1.12.2
content-type: application/octet-stream

GET
H2 200 /
mediator.mail.ru/script/2820404/register/ 4 B
147 B 58ms
58ms Image
application/octet-stream 217.69.139.231
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=t0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: collector.mediator.media
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 05 Jun 2019 21:28:58 GMT
cache-control: private, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: nginx/1.12.2
content-type: application/octet-stream

GET
H2 200 /
mediator.mail.ru/script/2820404/register/ 4 B
147 B 57ms
57ms Image
application/octet-stream 217.69.139.231
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediator.mail.ru/script/2820404/register/?cid=2820404&url=https%3A%2F%2Fhabr.com%2Fru%2Fcompany%2Fdsec%2Fblog%2F454592%2F&mdtr_ses=1559770132.1161547668.446528023&ref=&p=1&e=t0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.69.139.231 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: collector.mediator.media
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://habr.com/ru/company/dsec/blog/454592/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 05 Jun 2019 21:29:03 GMT
cache-control: private, no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: nginx/1.12.2
content-type: application/octet-stream

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.facebook.com/	1970-01-19 03:25:46	Name: fr Value: 0hjLsZdwYyw2AAhOF..Bc-DQV...1.0.Bc-DQV.
.habr.com/	1970-01-19 03:25:46	Name: _fbp Value: fb.1.1559770133435.1308381878
.habr.com/	1970-01-19 01:16:10	Name: _gat Value: 1
.habr.com/	1970-01-19 01:17:22	Name: _ym_isad Value: 2
.habr.com/	1970-01-19 01:16:10	Name: _gat_HGM Value: 1
.habr.com/	1970-01-19 10:01:46	Name: _ym_d Value: 1559770133
.habr.com/	1970-01-19 01:16:10	Name: _gat_company Value: 1
.habr.com/	1970-01-19 01:16:11	Name: _ym_visorc_24049213 Value: b
.habr.com/	1970-01-19 10:01:46	Name: _ym_uid Value: 1559770133314513610
.habr.com/	1970-01-19 01:17:36	Name: _gid Value: GA1.2.364082450.1559770133
.habr.com/	1970-01-19 18:47:22	Name: _ga Value: GA1.2.751929478.1559770133
habr.com/	1970-01-19 01:16:10	Name: tmid_no_check Value: 1
habr.com/	1970-01-19 01:36:19	Name: ab_test_vacancies_block_group Value: B

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://dr.habracdn.net/habrcom/javascripts/1559738781/libs/raven.min.js(Line 2) Message: FS500-loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.habr.com
cdnjs.cloudflare.com
connect.facebook.net
dr.habracdn.net
habr.com
habrastorage.org
hsto.org
mc.yandex.ru
mediator.mail.ru
platform.twitter.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
178.248.232.25
178.248.237.68
217.69.139.231
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:b71c
2606:4700::6813:c597
2a00:1450:4001:808::2004
2a00:1450:4001:819::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c06::9c
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
82.192.95.175
95.213.152.170
05d717091368bbc4f0a27dec92a58f99eb5c226a4e7529b9bcb29ef33231bebf
0870a4508bc178306a11ed2b23e17d129226ebc2de988534d82324ff915cf9a6
10ba48fa782bc4809eea111944c8655597e84c74bb370e8d589b005be5c5726f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120276d47f374c766b480c2c571d358921396aed6af5bb80fc996021dc095f6e
25a3390c286888dfb519af7dbf8f7ce40aae8760ec007c6ceda0724e88101088
2afde481f885e44a63082aea8936e0704c1be721fb3f752ba79465cd6ddfbd15
359fd42a97c9d64be6952af8bae0ebbc592377949e8213a6d8be172e6846f9d9
3a3341037c73f7698ebb36caf03e3d2ff8209207da5190373b5303931c35cb46
48344fd55558bbeb600062a175d052979f9ece87c7299788f8ecf16a46c87bf6
4cb9f1d889f92113dbb3129f45523b0db93a4efd42090ff8eb122bc70b600732
4ccaf41bcfc89670793da81a140a57fbc8b3b1bdb47c876dd04666449ca679c4
4f0f32f49883bf0cf384f663d64b06f4bdb5fa9806eed81f825f20d289b0c71a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
625806b9470bbf0838832c12de4250b0107195316009ab6d6bef31e0f08cea30
6537196c55e39e35f59eca829e70f280423f2e69e500203cafc5017b7ba179ae
69b244afac2c4149ebf2ea7dad8a908f8a126c6485f42c23b9bb521f9f7011d1
7469c345ae24362b321999c9c53b45a7206fec9e976c5dc817f94e2e3ace6209
76ea9ffb498d4afa3e7499fe8663594985fbe902bab9d01db87e94e976738b4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86e18d9467341bc557003599168a94e31ad7456a33be1ef40d96f16c66dccb28
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
911ec9331623f78e1fa54c99acb46484137171087180b6b0db2c3a2f831d52a2
9d8dd904f2a4384102930a15130f6bf0fcf3f132cafecd4d25c626bc58dce55c
a10a4d0cd9bbbd50cdb98fefb19a5fff77a79c8e3290c120edf638d27e40c29b
a790d9c7cfbcbb281ac9c30c714a28f3071d3d5f26b8a302fb821472e63a67d0
aba04e615c95305b30642e439119960999058829ddcfc0f383cdabccfedda4d4
b28e92012b6ae42166a2bcb3ad556a195db7803a963e26eb2980b2fd7954f2e4
bca52c4e13a919e9498f8e7fc39fda45b124c0481d60f94865c89bd1ef98a329
bd889b42115a920bc2e8e1eb2f18fbd946847462c0beb173cb726f4136062983
bfef520da48dd3215d766ea947ccd83b8d26588829206c62e058f643c3d4c1b8
c8f2fbc4d9989e0497b4c28dfce86c0434adb6d222cc052d86abfe33fc603021
cb4feca4dd115a73d93c997022f50cc8ed84a0d716c0dd43ebd03a8901fec434
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d99eca568bf6aa97d6a32c7f6b21375b78ae636c507890659d4bd1ef8d1ff7e1
e213b3a3435ce8c6188d7db8f00aaf2d1ec5458f95b877ad0a88a44af8b7bf60
e29252e62da9506dac3650459784646eb7f4f6e2928cf157ef14cd21f1e34cb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8a8458ba95f77d433111269da2dcb82e0a17240c10dffa9ba0d38eb4323a1fc
fb83a22b9431ed44fc4216980e25159afa5cd22e762de3d4c0e4390033bcaeed
fc0a6e11e21ffc94010e635abbf0e7f4fd601d9b397133d2fdfb2940a441cb84
fe9a3e0d82f7d7dcd488d2cb2d56ff67e1b9782e4db18f61fc0d2b7246df76de

habr.com Open in urlscan Pro 178.248.237.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

100 %HTTPS

67 %IPv6

14 Domains

15 Subdomains

13 IPs

6 Countries

2026 kBTransfer

3710 kBSize

13 Cookies

59 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

habr.com Open in urlscan Pro
178.248.237.68 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

13
IPs

6
Countries

2026 kB
Transfer

3710 kB
Size

13
Cookies

56 HTTP transactions
1 data transactions