zlgal.linkedinblueprint.com Open in urlscan Pro
185.238.168.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zlgal.linkedinblueprint.com/
Submission Tags: @phishunt_io
Submission: On September 18 via api (September 18th 2020, 2:08:26 am UTC) from ES

Summary HTTP 35 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 14 domains to perform 35 HTTP transactions. The main IP is 185.238.168.211, located in Ukraine and belongs to SCALAXY-AS, NL. The main domain is zlgal.linkedinblueprint.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 17th 2020. Valid for: 3 months.

This is the only time zlgal.linkedinblueprint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.238.168.211 185.238.168.211	58061 (SCALAXY-AS) (SCALAXY-AS)
3	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2 2	82.192.95.170 82.192.95.170	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2606:4700:20:... 2606:4700:20::681a:ca1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a03:90c0:999... 2a03:90c0:9997::9997	199524 (GCORE) (GCORE)
2	81.19.72.56 81.19.72.56	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
9	91.210.107.31 91.210.107.31	49335 (NCONNECT-AS) (NCONNECT-AS)
2	46.4.7.171 46.4.7.171	24940 (HETZNER-AS) (HETZNER-AS)
2	178.248.237.68 178.248.237.68	197068 (QRATOR) (QRATOR)
3	5.254.23.97 5.254.23.97	3223 (VOXILITY) (VOXILITY)
1	178.248.232.27 178.248.232.27	197068 (QRATOR) (QRATOR)
2	46.243.181.16 46.243.181.16	209974 (ITGLOBAL) (ITGLOBAL)
35	12

1 185.238.168.211 (Ukraine)

ASN58061 (SCALAXY-AS, NL)

zlgal.linkedinblueprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.192.95.170 (Netherlands) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: beta.hstor.org

habrastorage.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ca1 (United States)

ASN13335 (CLOUDFLARENET, US)

hsto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:90c0:9997::9997 (Germany)

ASN199524 (GCORE, AT)

images11.popmeh.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.72.56 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)

icdn.lenta.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 91.210.107.31 (Russian Federation)

ASN49335 (NCONNECT-AS, RU)

3dnews.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.4.7.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: vs37.lifehacker.ru

cdn.lifehacker.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.248.237.68 (Russian Federation)

ASN197068 (QRATOR, RU)

habr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.254.23.97 (Germany)

ASN3223 (VOXILITY, GB)

cdn.jpg.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.248.232.27 (Russian Federation)

ASN197068 (QRATOR, RU)

xakep.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.243.181.16 (Nadym, Russian Federation)

ASN209974 (ITGLOBAL, RU)

www.computerra.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	3dnews.ru 3dnews.ru	4 MB
7	popmeh.ru images11.popmeh.ru	2 MB
3	jpg.wtf cdn.jpg.wtf	85 KB
2	computerra.ru www.computerra.ru	170 KB
2	habr.com habr.com	77 KB
2	lifehacker.ru cdn.lifehacker.ru	536 KB
2	lenta.ru icdn.lenta.ru	1 MB
2	hsto.org hsto.org	678 KB
2	habrastorage.org 2 redirects habrastorage.org	524 B
2	bootstrapcdn.com stackpath.bootstrapcdn.com	46 KB
1	xakep.ru xakep.ru	340 KB
1	googleapis.com fonts.googleapis.com	673 B
1	jquery.com code.jquery.com	30 KB
1	linkedinblueprint.com zlgal.linkedinblueprint.com	70 KB
35	14

	Domain	Requested by
9	3dnews.ru	zlgal.linkedinblueprint.com
7	images11.popmeh.ru	zlgal.linkedinblueprint.com
3	cdn.jpg.wtf	zlgal.linkedinblueprint.com
2	www.computerra.ru	zlgal.linkedinblueprint.com
2	habr.com	zlgal.linkedinblueprint.com
2	cdn.lifehacker.ru	zlgal.linkedinblueprint.com
2	icdn.lenta.ru	zlgal.linkedinblueprint.com
2	hsto.org	zlgal.linkedinblueprint.com
2	habrastorage.org	2 redirects
2	stackpath.bootstrapcdn.com	zlgal.linkedinblueprint.com
1	xakep.ru	zlgal.linkedinblueprint.com
1	fonts.googleapis.com	zlgal.linkedinblueprint.com
1	code.jquery.com	zlgal.linkedinblueprint.com
1	zlgal.linkedinblueprint.com
35	14

This site contains links to these domains. Also see Links.

Domain
habr.com
www.popmech.ru
lenta.ru
3dnews.ru
lifehacker.ru
musicvideo-club.d3.ru
musicvideo.d3.ru
loony_song.d3.ru
xakep.ru
www.computerra.ru

Subject Issuer	Validity	Valid
ywoeh.real-combats.online Let's Encrypt Authority X3	`2020-09-17` - `2020-12-16`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-28` - `2021-06-28`	a year	crt.sh
popmech.ru Let's Encrypt Authority X3	`2020-09-14` - `2020-12-13`	3 months	crt.sh
*.lenta.ru RapidSSL RSA CA 2018	`2018-10-29` - `2020-12-27`	2 years	crt.sh
3dnews.ru Let's Encrypt Authority X3	`2020-09-06` - `2020-12-05`	3 months	crt.sh
*.lifehacker.ru GlobalSign RSA DV SSL CA 2018	`2019-11-20` - `2020-12-07`	a year	crt.sh
*.habr.com Sectigo ECC Domain Validation Secure Server CA	`2020-05-30` - `2021-12-02`	2 years	crt.sh
cdn.jpg.wtf Sectigo RSA Domain Validation Secure Server CA	`2019-03-25` - `2021-04-05`	2 years	crt.sh
xakep.ru Sectigo RSA Domain Validation Secure Server CA	`2019-10-20` - `2020-10-19`	a year	crt.sh
*.computerra.ru RapidSSL RSA CA 2018	`2020-04-21` - `2021-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://zlgal.linkedinblueprint.com/
Frame ID: CDEAE7220CCA5AADEE3E12E4390B2681
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

35
Requests

100 %
HTTPS

31 %
IPv6

14
Domains

14
Subdomains

12
IPs

5
Countries

8929 kB
Transfer

9162 kB
Size

0
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://habr.com/ru/post/517768/#post-content-body
Title:

Search URL Search Domain Scan URL

URL: https://www.popmech.ru/technologies/news-615583-nasa-ispytalo-razgonnye-bloki-dlya-rakety-sls/
Title:

Search URL Search Domain Scan URL

URL: https://lenta.ru/news/2020/08/20/ufo/
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1018817
Title:

Search URL Search Domain Scan URL

URL: https://lenta.ru/news/2020/09/08/nasa/
Title:

Search URL Search Domain Scan URL

URL: https://lifehacker.ru/lichnye-granicy-v-sekse/
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1018368
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1019995
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1019052
Title:

Search URL Search Domain Scan URL

URL: https://habr.com/ru/post/516548/#post-content-body
Title:

Search URL Search Domain Scan URL

URL: https://habr.com/ru/post/517118/#post-content-body
Title:

Search URL Search Domain Scan URL

URL: https://www.popmech.ru/gadgets/news-621103-analnoy-probkoy-nauchilis-upravlyat-cherez-twitter/
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1019391
Title:

Search URL Search Domain Scan URL

URL: https://lifehacker.ru/ea-play-steam/
Title:

Search URL Search Domain Scan URL

URL: https://www.popmech.ru/technologies/news-621353-razrabotchiki-the-witcher-3-sozdadut-triller-po-romanu-lema/
Title:

Search URL Search Domain Scan URL

URL: https://musicvideo-club.d3.ru/captain-supernova-space-odyssey-2030699/
Title:

Search URL Search Domain Scan URL

URL: https://musicvideo.d3.ru/biffy-clyro-space-2027171/
Title:

Search URL Search Domain Scan URL

URL: https://loony_song.d3.ru/ouzo-bazooka-space-camel-2035521/
Title:

Search URL Search Domain Scan URL

URL: https://www.popmech.ru/technologies/news-618743-v-rossii-ispytali-lazery-dlya-pokaza-reklamy-iz-kosmosa/
Title:

Search URL Search Domain Scan URL

URL: https://www.popmech.ru/gadgets/news-619913-dizayner-sozdal-ustroystvo-zashchishchayushchee-ruki-ot-patogenov/
Title:

Search URL Search Domain Scan URL

URL: https://habr.com/ru/post/517590/#post-content-body
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1020314
Title:

Search URL Search Domain Scan URL

URL: https://xakep.ru/2020/09/15/blindside/
Title:

Search URL Search Domain Scan URL

URL: https://www.computerra.ru/270001/google-zapustit-novyj-rezhim-dlya-detej-na-android-planshetah/
Title:

Search URL Search Domain Scan URL

URL: https://www.popmech.ru/technologies/news-614203-kosmicheskomu-teleskopu-vernuli-solnechnuyu-panel/
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1019539
Title:

Search URL Search Domain Scan URL

URL: https://www.popmech.ru/science/news-620693-kusok-razmerom-s-cheboksary-otkololsya-ot-lednika-grenlandii/
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1020529
Title:

Search URL Search Domain Scan URL

URL: https://3dnews.ru/1019708
Title:

Search URL Search Domain Scan URL

URL: https://www.computerra.ru/270520/v-rossii-ispytali-lazery-dlya-translyatsii-reklamy-iz-kosmosa/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://habrastorage.org/getpro/habr/upload_files/9a8/a56/d89/9a8a56d89856921d0f07315d2faf4e90.png?v=1 HTTP 302
https://hsto.org/getpro/habr/upload_files/9a8/a56/d89/9a8a56d89856921d0f07315d2faf4e90.png?v=1

Request Chain 24

https://habrastorage.org/getpro/habr/upload_files/59d/db8/875/59ddb8875d461f671c1911c593aaec40.png?v=1 HTTP 302
https://hsto.org/getpro/habr/upload_files/59d/db8/875/59ddb8875d461f671c1911c593aaec40.png?v=1

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zlgal.linkedinblueprint.com/ 69 KB
70 KB 240ms
28ms Document
text/html 185.238.168.211
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.238.168.211 , Ukraine, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: /
Resource Hash: 3ee22f981dbc47c32317dc4a83f7b089c4dfe3b23a437f3bfd6ee4413d630a6b

Request headers

:method: GET
:authority: zlgal.linkedinblueprint.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Fri, 18 Sep 2020 02:08:08 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
23 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://zlgal.linkedinblueprint.com
Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:46 GMT
status: 200
etag: "1574963566"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23681

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 27ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin: https://zlgal.linkedinblueprint.com
Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
status: 200
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1600394888.dop165.fr8.t,1600394888.cds216.fr8.hn,1600394888.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 bootstrap.bundle.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 79 KB
22 KB 24ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.bundle.min.js

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://zlgal.linkedinblueprint.com
Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:52 GMT
status: 200
etag: "1574963572"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 22770

GET
H2 200 css
fonts.googleapis.com/ 2 KB
673 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a034cf5bacb85cbe6929cabcb47742d65b76ca7e2a7d5fcc178e9d1458f0302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Sep 2020 00:55:14 GMT
server: ESF
date: Fri, 18 Sep 2020 02:08:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Sep 2020 02:08:08 GMT

GET
H2

200

9a8a56d89856921d0f07315d2faf4e90.png
hsto.org/getpro/habr/upload_files/9a8/a56/d89/
Redirect Chain

https://habrastorage.org/getpro/habr/upload_files/9a8/a56/d89/9a8a56d89856921d0f07315d2faf4e90.png?v=1
https://hsto.org/getpro/habr/upload_files/9a8/a56/d89/9a8a56d89856921d0f07315d2faf4e90.png?v=1

543 KB
544 KB

29ms
12ms

Image
image/png

2606:4700:20::681a:ca1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/habr/upload_files/9a8/a56/d89/9a8a56d89856921d0f07315d2faf4e90.png?v=1
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ca1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d4162d667f0b339a8127686baa0be18c02554e503a277ebcb18441206b18e3

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
cf-cache-status: HIT
age: 1191577
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 555541
cf-request-id: 0540911c7200000601b4321200000001
last-modified: Fri, 04 Sep 2020 06:54:33 GMT
server: cloudflare
etag: "5f51e4a9-87a15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public, proxy-revalidate
accept-ranges: bytes
cf-ray: 5d478473ee9f0601-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://hsto.org/getpro/habr/upload_files/9a8/a56/d89/9a8a56d89856921d0f07315d2faf4e90.png?v=1
Date: Fri, 18 Sep 2020 02:08:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2 200 73df284f039761c2be20453b2e0164f0_ce_1933x1014x0x41_fitted_1260x700.png
images11.popmeh.ru/upload/img_cache/73d/ 1 MB
1 MB 296ms
267ms Image
image/png 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images11.popmeh.ru/upload/img_cache/73d/73df284f039761c2be20453b2e0164f0_ce_1933x1014x0x41_fitted_1260x700.png
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: c8da21fa384244fbdaaa54a7275e4f4d6f5d8e38cd8a09d44e7363b6b5df07c1

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Fri, 18 Sep 2020 02:08:12 GMT
last-modified: Thu, 03 Sep 2020 08:29:53 GMT
server: nginx
etag: "5f50a981-12d2aa"
x-hostname: spb2nginx.fppressa.ru
content-type: image/png
status: 200
cache-control: max-age=2592000
cache: MISS
accept-ranges: bytes
content-length: 1233578
expires: Sun, 18 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK share_31ae9bc181e53336b6717e84ee5b4328.jpg
icdn.lenta.ru/images/2020/08/19/16/20200819164235205/ 231 KB
231 KB 319ms
146ms Image
image/jpeg 81.19.72.56
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.lenta.ru/images/2020/08/19/16/20200819164235205/share_31ae9bc181e53336b6717e84ee5b4328.jpg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.72.56 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 4e5a746992fe33c7073c9a8ff83b4860be6ea3fc4bba9e2a169a1692d76dfdf2

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
Last-Modified: Wed, 19 Aug 2020 16:22:54 GMT
Server: nginx/1.13.4
ETag: "5f3d51de-39a83"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 236163
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Crysis-Remastered.jpg
3dnews.ru/assets/external/illustrations/2020/08/21/1018817/ 391 KB
392 KB 354ms
128ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/08/21/1018817/Crysis-Remastered.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

76c8e4b8e1ed69a7d64bf025bc0f3a862b7a409113c19f5ab0a06db066fd6413

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
x-content-type-options: nosniff
Last-Modified: Fri, 21 Aug 2020 14:46:28 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 400580
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK share_ea03947f6dc535a323987bfc4b94bee6.png
icdn.lenta.ru/images/2020/09/08/16/20200908165155270/ 806 KB
806 KB 339ms
158ms Image
image/png 81.19.72.56
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.lenta.ru/images/2020/09/08/16/20200908165155270/share_ea03947f6dc535a323987bfc4b94bee6.png
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.72.56 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 403e0477b9f3ca69057666666beee64b791c72be6527a174a8da69e48c56d17b

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
Last-Modified: Tue, 08 Sep 2020 13:59:31 GMT
Server: nginx/1.13.4
ETag: "5f578e43-c9740"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 825152
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bod_1599819141-1024x512.jpg
cdn.lifehacker.ru/wp-content/uploads/2020/09/ 97 KB
97 KB 108ms
42ms Image
image/jpeg 46.4.7.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lifehacker.ru/wp-content/uploads/2020/09/bod_1599819141-1024x512.jpg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.7.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: vs37.lifehacker.ru
Software: nginx /
Resource Hash: e2e27de9fead5c6593f038b3bc70a1e2f0fff59e10ac3ccd831ee9c60c828315

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
last-modified: Fri, 11 Sep 2020 10:12:22 GMT
server: nginx
etag: "5f5b4d86-18364"
content-type: image/jpeg
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 99172
expires: Fri, 25 Sep 2020 02:08:08 GMT

GET
H/1.1 200
OK sm.hub1.750.jpg
3dnews.ru/assets/external/illustrations/2020/08/17/1018368/ 585 KB
585 KB 358ms
131ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/08/17/1018368/sm.hub1.750.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

f912498fdef870ab73f8bece420138a39d420c6257e99c89a76e8376e1ceefe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
x-content-type-options: nosniff
Last-Modified: Mon, 17 Aug 2020 04:28:48 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 599006
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK sm.stars1.750.jpg
3dnews.ru/assets/external/illustrations/2020/09/07/1019995/ 845 KB
846 KB 359ms
131ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/09/07/1019995/sm.stars1.750.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

45103a8c349b65cec0c31f730161774aca67eb0a852e47649c012a880c98cfea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
x-content-type-options: nosniff
Last-Modified: Mon, 07 Sep 2020 05:08:39 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 865705
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK A-Space-for-the-Unbound.jpg
3dnews.ru/assets/external/illustrations/2020/08/25/1019052/ 357 KB
357 KB 376ms
138ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/08/25/1019052/A-Space-for-the-Unbound.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

1ef1e9e0a6802fb5331bac4fe057558bb350617343723c16730d4901b54daa07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
x-content-type-options: nosniff
Last-Modified: Tue, 25 Aug 2020 13:54:45 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 365202
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK /
habr.com/share/publication/516548/339f3bc9b2525529857d2031d8c1fc42/ 36 KB
37 KB 159ms
117ms Image
image/png 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://habr.com/share/publication/516548/339f3bc9b2525529857d2031d8c1fc42/?v=1

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR / PHP/7.2.32-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

b17cc67f9d26bd4d7a33eb39d633e6e813efc1b839e707ccb81fa14062b771e2

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
X-Proxy-Upstream: habrcom-engine
X-Content-Type-Options: nosniff
Server: QRATOR
X-Proxy-Cache-Status: HIT
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.2.32-1+ubuntu16.04.1+deb.sury.org+1
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/png
Keep-Alive: timeout=15
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000

GET
H/1.1 200
OK /
habr.com/share/publication/517118/1b90399585d063281ce57c222a64434c/ 39 KB
40 KB 117ms
80ms Image
image/png 178.248.237.68
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://habr.com/share/publication/517118/1b90399585d063281ce57c222a64434c/?v=1

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.237.68 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR / PHP/7.2.32-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

a08b775496c57fd095120e3162c0aeff4aa2c5bf0d16d5c09f16f0f77ad21af2

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
X-Proxy-Upstream: habrcom-engine
X-Content-Type-Options: nosniff
Server: QRATOR
X-Proxy-Cache-Status: HIT
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.2.32-1+ubuntu16.04.1+deb.sury.org+1
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: image/png
Keep-Alive: timeout=15
Public-Key-Pins: pin-sha256="jWWta3ma1DSx8lFr6uv04x6sSRmK5X4Z0ivIL7+qKLM="; pin-sha256="Efde6ZPsmxzZkludmzwnp0QJhZ1mSwHrhDxczbpZcmM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="kUh5F9diW5KlrhQ+nEKTIVFWVZuNbVqkKtm+KOGPXCE="; max-age=15552000

GET
H2 200 39542687bec1633dd5742cbf7dfdff1f_ce_1146x601x0x49_fitted_1260x700.jpg
images11.popmeh.ru/upload/img_cache/395/ 65 KB
65 KB 15ms
13ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images11.popmeh.ru/upload/img_cache/395/39542687bec1633dd5742cbf7dfdff1f_ce_1146x601x0x49_fitted_1260x700.jpg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 60e58ac77e9c907b4f15e1f669fb706b2afd29fd37c211245bf9b0c144cad484

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Fri, 18 Sep 2020 02:08:12 GMT
last-modified: Wed, 16 Sep 2020 12:57:28 GMT
server: nginx
etag: "5f620bb8-1042f"
x-hostname: spb2nginx.fppressa.ru
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
x-cached-since: 2020-09-16T14:13:34+00:00
content-length: 66607
expires: Fri, 16 Oct 2020 14:13:29 GMT

GET
H/1.1 200
OK sm.hub1.750.jpg
3dnews.ru/assets/external/illustrations/2020/08/29/1019391/ 412 KB
413 KB 368ms
136ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/08/29/1019391/sm.hub1.750.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

c74ecc96c486bc39807dc69734eb3b3a8575caf8e30014d8a7f88fa0acf8019a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
x-content-type-options: nosniff
Last-Modified: Sat, 29 Aug 2020 05:07:12 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 422279
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:08 GMT

GET
H2 200 Snimok-ekrana-2020-09-01-v-14.15.05_1598959180-1024x512.png
cdn.lifehacker.ru/wp-content/uploads/2020/09/ 438 KB
439 KB 31ms
29ms Image
image/png 46.4.7.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lifehacker.ru/wp-content/uploads/2020/09/Snimok-ekrana-2020-09-01-v-14.15.05_1598959180-1024x512.png
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.7.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: vs37.lifehacker.ru
Software: nginx /
Resource Hash: a7ecdb5e83255b9d5656019063995160203d0d4a14fbb5a5e8580193ef774954

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
last-modified: Tue, 01 Sep 2020 11:19:40 GMT
server: nginx
etag: "5f4e2e4c-6d8ef"
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 448751
expires: Fri, 25 Sep 2020 02:08:08 GMT

GET
H2 200 c38998ab78e114580271b5b322c7e0e1_ce_1728x907x98x172_fitted_1260x700.jpg
images11.popmeh.ru/upload/img_cache/c38/ 128 KB
128 KB 27ms
25ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images11.popmeh.ru/upload/img_cache/c38/c38998ab78e114580271b5b322c7e0e1_ce_1728x907x98x172_fitted_1260x700.jpg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: e3bb99af599c5807bf112de6961353b5b790b1c51bd7be1547bf397d54343406

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Fri, 18 Sep 2020 02:08:12 GMT
last-modified: Wed, 16 Sep 2020 19:05:58 GMT
server: nginx
etag: "5f626216-1ffa4"
x-hostname: spb2nginx.fppressa.ru
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: HIT
accept-ranges: bytes
x-cached-since: 2020-09-16T20:32:27+00:00
content-length: 130980
expires: Fri, 16 Oct 2020 20:32:23 GMT

GET
H2 200 1598619165-6a85b857ab0ee812e6413fb5c12706a6.jpeg
cdn.jpg.wtf/futurico/6a/85/ 25 KB
25 KB 128ms
24ms Image
image/jpeg 5.254.23.97
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jpg.wtf/futurico/6a/85/1598619165-6a85b857ab0ee812e6413fb5c12706a6.jpeg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.254.23.97 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1d66c52e56c2e4a022e67499c293c3e08420ba37d36055dd40ef77f935c06cb7

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
last-modified: Fri, 28 Aug 2020 12:52:46 GMT
server: nginx
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-disposition: inline; filename=1598619165-6a85b857ab0ee812e6413fb5c12706a6.jpeg
accept-ranges: bytes
content-length: 25351

GET
H2 200 1597953729-07341879933ab9a94a6f5fcb42ed3ec2.jpeg
cdn.jpg.wtf/futurico/07/34/ 26 KB
26 KB 145ms
41ms Image
image/jpeg 5.254.23.97
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jpg.wtf/futurico/07/34/1597953729-07341879933ab9a94a6f5fcb42ed3ec2.jpeg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.254.23.97 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 640dd097cfb67ba935175359a8da1e256b34de77d17cfbdebd2272f2ef0099d0

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
last-modified: Thu, 20 Aug 2020 20:02:10 GMT
server: nginx
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-disposition: inline; filename=1597953729-07341879933ab9a94a6f5fcb42ed3ec2.jpeg
accept-ranges: bytes
content-length: 26419

GET
H2 200 1599474655-47bb3e078b842f43c34e627717fcf258.jpeg
cdn.jpg.wtf/futurico/47/bb/ 34 KB
34 KB 152ms
48ms Image
image/jpeg 5.254.23.97
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jpg.wtf/futurico/47/bb/1599474655-47bb3e078b842f43c34e627717fcf258.jpeg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.254.23.97 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 071299f188f9db59fdedc250caaff1b8cf3237f0dcd82b2493f4347bf5004442

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
last-modified: Mon, 07 Sep 2020 10:30:56 GMT
server: nginx
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-disposition: inline; filename=1599474655-47bb3e078b842f43c34e627717fcf258.jpeg
accept-ranges: bytes
content-length: 34955

GET
H2 200 e66c16a4fd50033a5b45e1c503a427d3_ce_1280x672x0x0_fitted_1260x700.jpeg
images11.popmeh.ru/upload/img_cache/e66/ 132 KB
132 KB 335ms
333ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images11.popmeh.ru/upload/img_cache/e66/e66c16a4fd50033a5b45e1c503a427d3_ce_1280x672x0x0_fitted_1260x700.jpeg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: b88e1771570da3b462d12db0a251e76449fc88c63c8e88405624da59851da7e3

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Fri, 18 Sep 2020 02:08:13 GMT
last-modified: Thu, 10 Sep 2020 07:47:48 GMT
server: nginx
etag: "5f59da24-20f83"
x-hostname: msk2nginx.fppressa.ru
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: MISS
accept-ranges: bytes
content-length: 135043
expires: Sun, 18 Oct 2020 02:08:08 GMT

GET
H2 200 c86a06c6cb72eeaec61847da3212c023_ce_500x262x0x187_fitted_1260x700.jpg
images11.popmeh.ru/upload/img_cache/c86/ 30 KB
30 KB 262ms
260ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images11.popmeh.ru/upload/img_cache/c86/c86a06c6cb72eeaec61847da3212c023_ce_500x262x0x187_fitted_1260x700.jpg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 970f50982e4e4ae573c03206a122c433972562b1220fe51404bb9da00dbc7362

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Fri, 18 Sep 2020 02:08:12 GMT
last-modified: Mon, 14 Sep 2020 05:42:25 GMT
server: nginx
etag: "5f5f02c1-782f"
x-hostname: spb2nginx.fppressa.ru
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: MISS
accept-ranges: bytes
content-length: 30767
expires: Sun, 18 Oct 2020 02:08:08 GMT

GET
H2

200

59ddb8875d461f671c1911c593aaec40.png
hsto.org/getpro/habr/upload_files/59d/db8/875/
Redirect Chain

https://habrastorage.org/getpro/habr/upload_files/59d/db8/875/59ddb8875d461f671c1911c593aaec40.png?v=1
https://hsto.org/getpro/habr/upload_files/59d/db8/875/59ddb8875d461f671c1911c593aaec40.png?v=1

135 KB
135 KB

12ms
11ms

Image
image/png

2606:4700:20::681a:ca1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hsto.org/getpro/habr/upload_files/59d/db8/875/59ddb8875d461f671c1911c593aaec40.png?v=1
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ca1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981c3edfbee842055a58182531332d818d02c9c20f97f3627d2c3a87fa759f44

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:08 GMT
cf-cache-status: HIT
age: 86069
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 137794
cf-request-id: 0540911c9100000601b4323200000001
last-modified: Wed, 02 Sep 2020 20:18:27 GMT
server: cloudflare
etag: "5f4ffe13-21a42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public, proxy-revalidate
accept-ranges: bytes
cf-ray: 5d4784741ede0601-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Location: https://hsto.org/getpro/habr/upload_files/59d/db8/875/59ddb8875d461f671c1911c593aaec40.png?v=1
Date: Fri, 18 Sep 2020 02:08:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H/1.1 200
OK 944.png
3dnews.ru/assets/external/illustrations/2020/09/10/1020314/ 141 KB
141 KB 376ms
139ms Image
image/png 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/09/10/1020314/944.png

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

93fd09e377173df5faff42b676c0bd475b0d8114b8334409e73d0432c07eb6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
x-content-type-options: nosniff
Last-Modified: Thu, 10 Sep 2020 11:12:52 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144024
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK BlindSide.jpg
xakep.ru/wp-content/uploads/2020/09/321217/ 339 KB
340 KB 111ms
70ms Image
image/jpeg 178.248.232.27
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xakep.ru/wp-content/uploads/2020/09/321217/BlindSide.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.248.232.27 , Russian Federation, ASN197068 (QRATOR, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

c48f7b3e317052a3cf3f94358172998a4ca073dd3379978c91dc4aa280f0349c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 15:08:33 GMT
Server: QRATOR
ETag: "5f60d8f1-54c6f"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Strict-Transport-Security: max-age=15552000
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 347247
X-XSS-Protection: 1; mode=block
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2020_8largeimg_1099393331.jpg
www.computerra.ru/wp-content/uploads/2020/08/ 131 KB
132 KB 270ms
76ms Image
image/jpeg 46.243.181.16
ITGLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.computerra.ru/wp-content/uploads/2020/08/2020_8largeimg_1099393331.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.243.181.16 Nadym, Russian Federation, ASN209974 (ITGLOBAL, RU),

Reverse DNS

Software

nginx /

Resource Hash

47f6ee9b43b17b2d402193a69c3b839df8d01a6ed39eaa9b61501f157a880475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Aug 2020 15:44:58 GMT
server: nginx
etag: "5f4d1afa-20da2"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 134562
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8560f2fd8a30d1da86800b0e9c38c17e_ce_1920x1008x0x160_fitted_1260x700.jpg
images11.popmeh.ru/upload/img_cache/856/ 235 KB
236 KB 376ms
375ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images11.popmeh.ru/upload/img_cache/856/8560f2fd8a30d1da86800b0e9c38c17e_ce_1920x1008x0x160_fitted_1260x700.jpg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 8b69e16ec6f8b28f74fb0518efe2b4a54ad1c71520c059fb4113f7111ac02f06

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Fri, 18 Sep 2020 02:08:13 GMT
last-modified: Mon, 31 Aug 2020 09:59:17 GMT
server: nginx
etag: "5f4cc9f5-3ac98"
x-hostname: msk2nginx.fppressa.ru
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: MISS
accept-ranges: bytes
content-length: 240792
expires: Sun, 18 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK 4243245.jpg
3dnews.ru/assets/external/illustrations/2020/08/31/1019539/ 235 KB
236 KB 80ms
79ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/08/31/1019539/4243245.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

95b61684de35abbcfc683a8f9d222f44ddfe7d9970571c2f53b0abef5bfbcca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:08 GMT
x-content-type-options: nosniff
Last-Modified: Mon, 31 Aug 2020 15:04:04 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 241107
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:08 GMT

GET
H2 200 1da1001623c0f1b149181c265c1249a6_ce_840x441x17x0_fitted_1260x700.jpg
images11.popmeh.ru/upload/img_cache/1da/ 110 KB
110 KB 276ms
276ms Image
image/jpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images11.popmeh.ru/upload/img_cache/1da/1da1001623c0f1b149181c265c1249a6_ce_840x441x17x0_fitted_1260x700.jpg
Requested by: Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 643d9a75a5c92eb43e4b0397fdcf29044cbf70738690818dc1100d2884f1a9da

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Fri, 18 Sep 2020 02:08:13 GMT
last-modified: Tue, 15 Sep 2020 16:17:53 GMT
server: nginx
etag: "5f60e931-1b8d8"
x-hostname: spb2nginx.fppressa.ru
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
cache: MISS
accept-ranges: bytes
content-length: 112856
expires: Sun, 18 Oct 2020 02:08:08 GMT

GET
H/1.1 200
OK eye1.jpg
3dnews.ru/assets/external/illustrations/2020/09/14/1020529/ 618 KB
619 KB 72ms
72ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/09/14/1020529/eye1.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

d131b39b9238e872c0c89eb70b8e6348aa387354f7900d7b84a595567aa1b21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:09 GMT
x-content-type-options: nosniff
Last-Modified: Mon, 14 Sep 2020 06:49:48 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 633031
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:09 GMT

GET
H/1.1 200
OK iss1.jpg
3dnews.ru/assets/external/illustrations/2020/09/02/1019708/ 363 KB
363 KB 78ms
77ms Image
image/jpeg 91.210.107.31
NCONNECT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3dnews.ru/assets/external/illustrations/2020/09/02/1019708/iss1.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.107.31 , Russian Federation, ASN49335 (NCONNECT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

2f91e5152f2ba6c58b8678d08610b2ea8e60da3fac22d0618cbb75a05ba7ce3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 02:08:09 GMT
x-content-type-options: nosniff
Last-Modified: Wed, 02 Sep 2020 11:43:23 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 371310
x-xss-protection: 1; mode=block
Expires: Fri, 02 Oct 2020 02:08:09 GMT

GET
H2 200 oblozhka-2-1.jpg
www.computerra.ru/wp-content/uploads/2020/09/ 38 KB
38 KB 448ms
259ms Image
image/jpeg 46.243.181.16
ITGLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.computerra.ru/wp-content/uploads/2020/09/oblozhka-2-1.jpg

Requested by

Host: zlgal.linkedinblueprint.com
URL: https://zlgal.linkedinblueprint.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.243.181.16 Nadym, Russian Federation, ASN209974 (ITGLOBAL, RU),

Reverse DNS

Software

nginx /

Resource Hash

53585640d152e96a08c94a3eff377bd414cf448602c756e9e47c53d85ec0cac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zlgal.linkedinblueprint.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 02:08:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 09:58:22 GMT
server: nginx
etag: "5f59f8be-984f"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 38991
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3dnews.ru
cdn.jpg.wtf
cdn.lifehacker.ru
code.jquery.com
fonts.googleapis.com
habr.com
habrastorage.org
hsto.org
icdn.lenta.ru
images11.popmeh.ru
stackpath.bootstrapcdn.com
www.computerra.ru
xakep.ru
zlgal.linkedinblueprint.com
178.248.232.27
178.248.237.68
185.238.168.211
2001:4de0:ac19::1:b:2b
2606:4700:20::681a:ca1
2a00:1450:4001:803::200a
2a03:90c0:9997::9997
46.243.181.16
46.4.7.171
5.254.23.97
81.19.72.56
82.192.95.170
91.210.107.31
071299f188f9db59fdedc250caaff1b8cf3237f0dcd82b2493f4347bf5004442
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1d66c52e56c2e4a022e67499c293c3e08420ba37d36055dd40ef77f935c06cb7
1ef1e9e0a6802fb5331bac4fe057558bb350617343723c16730d4901b54daa07
2f91e5152f2ba6c58b8678d08610b2ea8e60da3fac22d0618cbb75a05ba7ce3e
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
3ee22f981dbc47c32317dc4a83f7b089c4dfe3b23a437f3bfd6ee4413d630a6b
403e0477b9f3ca69057666666beee64b791c72be6527a174a8da69e48c56d17b
45103a8c349b65cec0c31f730161774aca67eb0a852e47649c012a880c98cfea
47f6ee9b43b17b2d402193a69c3b839df8d01a6ed39eaa9b61501f157a880475
49d4162d667f0b339a8127686baa0be18c02554e503a277ebcb18441206b18e3
4e5a746992fe33c7073c9a8ff83b4860be6ea3fc4bba9e2a169a1692d76dfdf2
53585640d152e96a08c94a3eff377bd414cf448602c756e9e47c53d85ec0cac7
60e58ac77e9c907b4f15e1f669fb706b2afd29fd37c211245bf9b0c144cad484
640dd097cfb67ba935175359a8da1e256b34de77d17cfbdebd2272f2ef0099d0
643d9a75a5c92eb43e4b0397fdcf29044cbf70738690818dc1100d2884f1a9da
76c8e4b8e1ed69a7d64bf025bc0f3a862b7a409113c19f5ab0a06db066fd6413
8b69e16ec6f8b28f74fb0518efe2b4a54ad1c71520c059fb4113f7111ac02f06
93fd09e377173df5faff42b676c0bd475b0d8114b8334409e73d0432c07eb6fa
95b61684de35abbcfc683a8f9d222f44ddfe7d9970571c2f53b0abef5bfbcca1
970f50982e4e4ae573c03206a122c433972562b1220fe51404bb9da00dbc7362
981c3edfbee842055a58182531332d818d02c9c20f97f3627d2c3a87fa759f44
9a034cf5bacb85cbe6929cabcb47742d65b76ca7e2a7d5fcc178e9d1458f0302
a08b775496c57fd095120e3162c0aeff4aa2c5bf0d16d5c09f16f0f77ad21af2
a7ecdb5e83255b9d5656019063995160203d0d4a14fbb5a5e8580193ef774954
b17cc67f9d26bd4d7a33eb39d633e6e813efc1b839e707ccb81fa14062b771e2
b88e1771570da3b462d12db0a251e76449fc88c63c8e88405624da59851da7e3
c48f7b3e317052a3cf3f94358172998a4ca073dd3379978c91dc4aa280f0349c
c74ecc96c486bc39807dc69734eb3b3a8575caf8e30014d8a7f88fa0acf8019a
c8da21fa384244fbdaaa54a7275e4f4d6f5d8e38cd8a09d44e7363b6b5df07c1
d131b39b9238e872c0c89eb70b8e6348aa387354f7900d7b84a595567aa1b21c
e2e27de9fead5c6593f038b3bc70a1e2f0fff59e10ac3ccd831ee9c60c828315
e3bb99af599c5807bf112de6961353b5b790b1c51bd7be1547bf397d54343406
f912498fdef870ab73f8bece420138a39d420c6257e99c89a76e8376e1ceefe0

zlgal.linkedinblueprint.com Open in urlscan Pro 185.238.168.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

35 Requests

100 %HTTPS

31 %IPv6

14 Domains

14 Subdomains

12 IPs

5 Countries

8929 kBTransfer

9162 kBSize

0 Cookies

30 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zlgal.linkedinblueprint.com Open in urlscan Pro
185.238.168.211 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

31 %
IPv6

14
Domains

14
Subdomains

12
IPs

5
Countries

8929 kB
Transfer

9162 kB
Size

0
Cookies

35 HTTP transactions
0 data transactions