Overview

URL blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
IP185.248.100.58
ASNIp Server LLC
Location Russia
Report completed2022-06-24 07:07:31 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-24 2 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip Malware
2022-06-24 2 blankera.ru/files/js/js_f_6-OzlFXjayKlsU5sJKLwjz7LFQvdIZDm-Mt6jKwyM.js Malware
2022-06-24 2 blankera.ru/files/js/js_W-mTAjmWrS2jb8EHsWuRZTAyREqSAqiCaBihgwCzhxI.js Malware
2022-06-24 2 blankera.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Malware
2022-06-24 2 blankera.ru/files/js/js_uJR3Qfgc-bGacxkh36HU9Xm2Q98e_V5UWlFISwie5ro.js Malware
2022-06-24 2 blankera.ru/files/js/js_MRdvkC2u4oGsp5wVxBG1pGV5NrCPW3mssHxIn6G9tGE.js Malware
2022-06-24 2 blankera.ru/files/js/js_v0XSAi9yevYQRhfQ8f7Sh_T9BUwlIsYQF193MTNQuAY.js Malware
2022-06-24 2 blankera.ru/sites/all/modules/jquery_update/replace/jquery/1.10/jquery.min.js Malware
2022-06-24 2 blankera.ru/sites/all/modules/jquery_update/replace/ui/ui/minified/jquery-u (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (10)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-24 05:05:58 UTC 54.230.111.7
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] mc.yandex.ru (3) 2672 2017-01-29 05:34:36 UTC 2022-06-23 14:32:14 UTC 77.88.21.119
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-24 04:59:01 UTC 34.120.237.76
[Mnemonic Passive DNS] blankera.ru (21) 0 No data No data 185.248.100.58 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-06-24 04:59:03 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.globalsign.com (3) 2075 2012-05-25 06:20:55 UTC 2022-06-24 05:10:12 UTC 104.18.21.226
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-24 05:56:55 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-24 05:17:04 UTC 35.86.38.2


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 185.248.100.58

Date UQ / IDS / BL URL IP
2022-06-25 06:50:35 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-25 06:42:32 +0000
0 - 0 - 7 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-25 06:29:47 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-25 06:22:41 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 16:02:35 +0000
0 - 0 - 9 blankera.ru/files/%D1%84%D0%B7%D1%80%D0%B0_85 (...) 185.248.100.58
2022-06-24 15:27:54 +0000
0 - 0 - 7 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 08:52:04 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 08:30:04 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 07:24:07 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 06:00:08 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58

Last 10 reports on ASN: Ip Server LLC

Date UQ / IDS / BL URL IP
2022-07-02 16:53:14 +0000
0 - 0 - 0 download.marcoserv.ru/art/guns/up2017/five-se (...) 5.252.194.244
2022-07-02 16:51:40 +0000
0 - 0 - 0 download.marcoserv.ru/art/guns/up2017/awp-cod (...) 5.252.194.244
2022-07-02 16:50:28 +0000
0 - 0 - 0 download.marcoserv.ru/art/fons/granturis.exe 5.252.194.244
2022-07-02 16:31:24 +0000
0 - 0 - 0 download.marcoserv.ru/art/guns/up2017/famas-n (...) 5.252.194.244
2022-07-02 16:12:28 +0000
0 - 0 - 0 download.marcoserv.ru/art/sprays/cinemamal.exe 5.252.194.244
2022-07-02 16:12:08 +0000
0 - 0 - 0 download.marcoserv.ru/art/guns/up2017/ak47-akc.exe 5.252.194.244
2022-07-02 16:11:52 +0000
0 - 0 - 0 download.marcoserv.ru/art/guns/up2017/knife-t (...) 5.252.194.244
2022-07-02 03:33:40 +0000
0 - 0 - 0 ofeligtelemsbasda2.ru/kim/IDM_6.41.2_keys_ru.rar 185.248.100.32
2022-07-01 16:47:45 +0000
0 - 0 - 0 download.marcoserv.ru/art/guns/up2017/knife-t (...) 5.252.194.244
2022-07-01 16:46:45 +0000
0 - 0 - 0 download.marcoserv.ru/art/sprays/cinemamal.exe 5.252.194.244

Last 10 reports on domain: blankera.ru

Date UQ / IDS / BL URL IP
2022-06-25 06:50:35 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-25 06:42:32 +0000
0 - 0 - 7 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-25 06:29:47 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-25 06:22:41 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 16:02:35 +0000
0 - 0 - 9 blankera.ru/files/%D1%84%D0%B7%D1%80%D0%B0_85 (...) 185.248.100.58
2022-06-24 15:27:54 +0000
0 - 0 - 7 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 08:52:04 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 08:30:04 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 07:24:07 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58
2022-06-24 06:00:08 +0000
0 - 0 - 8 blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0 (...) 185.248.100.58


JavaScript

Executed Scripts (15)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 90, repeated: 1) - SHA256: 9f4c5910734fca8c0bface228136ffcb094ebef33eeec8037502f236c3458614

                                        < script src = '/sites/all/modules/jquery_update/replace/jquery/1.10/jquery.min.js' > < /script>
                                    

#2 JavaScript::Write (size: 96, repeated: 1) - SHA256: 847e1855795e4142c63a84887203d8b787c8bf0c65b3f5e1bde4841f6a28f6f5

                                        < script src = '/sites/all/modules/jquery_update/replace/ui/ui/minified/jquery-ui.min.js' > < /script>
                                    


HTTP Transactions (45)


Request Response
                                        
                                            GET /files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.248.100.58
HTTP/1.1 308 Permanent Redirect
                                        
Connection: close
Location: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Server: Caddy
Date: Fri, 24 Jun 2022 07:07:14 GMT
Content-Length: 0


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22A7AFFA696C3188DD074DEB68A2EC519EA227AC839D0238C9F82660B9E14D6A"
Last-Modified: Tue, 21 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9870
Expires: Fri, 24 Jun 2022 09:51:44 GMT
Date: Fri, 24 Jun 2022 07:07:14 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 24 Jun 2022 06:44:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lPncs1O0-LokRuPmQpDEnZxc0BCTih40ijvBz_eXRunvy86dOtAlag==
Age: 1370


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 24 Jun 2022 02:10:52 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mKFeMmmDMp22UVrZnTKu48au_EuhuFzeEDL6YmF1840iT2k0sW_MZw==
age: 17784
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 24 Jun 2022 07:07:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171e1c4e77c1-KBP
content-type: text/css;charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169a-bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL3oh0JKf9Y%2BEjpIEYyfYtwKbZ3CJTaq%2BZ3i6aKHz43RyPLMTtKVPxK5rC1AJaYJJNBj3mZ5N84cn9eUHsUrNTI0e5TTH2PXZvx0aJhUN9QQRgDu8OS1KquyQmxu"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 3008
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3007)
Size:   3008
Md5:    acf1a8d2cc4e7f3303f947bec4f78130
Sha1:   61db60115cdcf1c7a61dc4c87265bcd18b306350
Sha256: 9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
                                        
                                            GET /files/css/css_Q7R7Blo9EYqLDI5rIlO_T3uTFBjIXjLpcqMHjTvVdmg.css HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 4824
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171e1bacb383-PRG
content-type: text/css;charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169b-3df7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gpHSH8yJj0zUaB%2F5bxovKBoF86aX%2FFru0Y%2BnWF8eKw4%2FnXSDyu%2FJw5ynlFzb6sp0EwEidQ92GhUtDrkHEOToqs6ilxTnl23YfRky1fMZ2Jy%2BKePxoZmTRj8Pv30"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 15863
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14559)
Size:   15863
Md5:    219d4860df06ce775fdfa462344ba779
Sha1:   5c4e4a92ae7875a7b1d9340583212c766cc5b3fd
Sha256: 43b47b065a3d118a8b0c8e6b2253bf4f7b931418c85e32e972a3078d3bd57668
                                        
                                            GET /files/css/css_oLeKvnp49x_AiPpXyt4k8AP4cNCLdBHBNxfGe7VqxzI.css HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171e19f577a7-KBP
content-type: text/css;charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169b-62b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37h7OUKhWyB8Bxe1ZyFt2kbPQZKYDPEW0hhN6CIq0dkzbKqm%2F71zP4YbOy30dKL3YOqUnwv560xVX%2FlNhYyP6DTxQQvlnvaCmAfzjZT%2FF2hxJELuBvlxV%2FYKjQyE"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 1579
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (517)
Size:   1579
Md5:    a6c8af070ec313ea1ee3625207046cbe
Sha1:   93219db540aaa6ef4b8d7e35755e93d152e8152b
Sha256: a0b78abe7a78f71fc088fa57cade24f003f870d08b7411c13717c67bb56ac732
                                        
                                            GET /files/css/css_zLW4elF607kpPgrGHQe695B9a48vRP24E-xCDeNY2Og.css HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 4824
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171e0eb7b365-PRG
content-type: text/css;charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169b-9ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fycYNb1iK5mE%2F0rpwumi3K5MZO4NEMdeDfPhZc98BmBSAcbHQPIfPeO9%2Fu1tbsP5utfx8HuGiSpqDomUJGFetC7GlpH398t8eHM6QzLLEL3SKHrqIXFxIoqF7Po"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 2538
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2043)
Size:   2538
Md5:    fd5930cc3725ec76ce21129585fa2743
Sha1:   b6dacc8d4828e8301363c1acb3b2541a268781ff
Sha256: ccb5b87a517ad3b9293e0ac61d07baf7907d6b8f2f44fdb813ec420de358d8e8
                                        
                                            GET /files/js/js_f_6-OzlFXjayKlsU5sJKLwjz7LFQvdIZDm-Mt6jKwyM.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 4824
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171f7c41b348-PRG
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169d-609"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh963u7cKJD8X3SF0imUgIXCyj3xtO2Nlq4xYrdxxS7GjTXW2H0b2Liwfk3Jh%2BkZizH60Ejv2p%2FmPikidKu1C459JfGphFtXNaRUW4apYG%2B6f1Xz6lxqIBOzSbMC"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 1545
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1545
Md5:    aa707d80d17a3aa52879648b2906b1ad
Sha1:   0d05403dd02323bd9fdc281a69a4f31723218328
Sha256: 7ffebe3b39455e36b22a5b14e6c24a2f08f3ecb150bdd2190e6f8cb7a8cac323

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /files/js/js_W-mTAjmWrS2jb8EHsWuRZTAyREqSAqiCaBihgwCzhxI.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 1628
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171e3aaa2d73-KBP
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "623016af-3a83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNXFe1B%2BINhF1WkL%2FkYflSW415AX18MaHBJdRt63MmNp5GHwXzirnCHYeQY101gCPWHzbNkgcsayx3LDnrv8RP15mQIMc0kPeFSraI5qERstbVcFdd0I6BTjbkH1"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 14979
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (11888)
Size:   14979
Md5:    d5bb1aeef706d5d37a55437d97f47632
Sha1:   7b1f887415849c02091284303b5d70b367944c10
Sha256: 5be993023996ad2da36fc107b16b91653032444a9202a8826818a18300b38712

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
cache-control: public
cf-ray: 71ed1e398a472473-KBP
content-type: application/javascript
date: Tue, 21 Jun 2022 13:33:48 GMT
etag: "62a8bab2-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 23 Jun 2022 13:33:48 GMT
last-modified: Tue, 14 Jun 2022 16:43:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUwRvT4NFSpnYN35HJaxOgZc9JlHnTY9ocXd8BzV25Hf9Ap427kfwzyPAicF0hSe6GT7gktos5%2FhUbndkp70ZFSa8KIEp1xSCh9hiQmR1%2B6Oxgt9rAwvhxmIeRFk"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-frame-options: DENY
content-length: 1239
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1238)
Size:   1239
Md5:    9e8f56e8e1806253ba01a95cfc3d392c
Sha1:   a8af90d7482e1e99d03de6bf88fed2315c5dd728
Sha256: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /files/icons/rssicon.png HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed1728884177b0-KBP
content-type: image/png
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "551171e8-258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 24 Mar 2015 14:17:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzu26a7%2FeV5rL6Mk3OxEtARLiMLeL%2Fi3gh%2By5SOP%2Bsn6bBO5OII4%2BZb4nvyBS5crBWWkARE7KKE%2B%2BgageW%2BJeflydA%2FmozUVggMjU2lsq49WUSMl17WU%2F9Jr3XG6"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 600
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size:   600
Md5:    886ada6adb545777d92192360a3352fd
Sha1:   64c7c5d00a24c4a0939f785fd67584b653e0d9ea
Sha256: ce48ab9994376461d7f0ea9efb119dedf4fa45def1196ff2a21fb7a788b64328
                                        
                                            GET /files/icons/okicon.png HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed1728792d2d8b-KBP
content-type: image/png
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "551d878c-22d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 02 Apr 2015 18:16:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPEBKIA3W5FXZgmn0L6lWq7LY97uraW9QtusH79ayNLn7lVcxFBJr88y0a5wGxQ3oUVGjjP7hGWctZggYKc7h0sobua1ZZOmAWRdfeKHHgktN51n5Spaj1%2FdRbil"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 557
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size:   557
Md5:    e5b5f1be270c802900aa73aa41d385bc
Sha1:   66dc63888b8a0f3b260a91a4922bf81b91de4ba2
Sha256: 4ae2a6cff5d3f4bef6abc84c559529234e4eb16f3b49e4a7a7234be7d19653ab
                                        
                                            GET /files/icons/fbicon.png HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed17288ec12307-KBP
content-type: image/png
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "551171e9-293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 24 Mar 2015 14:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wOomrIeyNCtaAVbNHD%2BaBqytB6arm6dTJx5%2FJG3lkLQc1AWvglCDfDuwFtS5i%2B%2FkS7lSQysXV9VmoNqOzSQalhmU7QK8HaKXOY%2FzvKAUutHAFFzvcx1UrXkMRco"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 659
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size:   659
Md5:    eeb98beccad5483e19ac53eb4e8d9bae
Sha1:   fd8182e10c293a1e744befb26bcc9ceefd5e7019
Sha256: d80cc3ad88715ea02effbd41365716a7d1e6637e12d1f2c5fb202cba8bdb81cd
                                        
                                            GET /files/icons/tlgrm.png HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed17288820249e-KBP
content-type: image/png
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "5ef9f5a2-268"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 29 Jun 2020 14:07:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hj9na9JHKcSgjQXHeMi8GOz0c9z5d2GaroYMsEdtgnKboRrC63%2FkOdJzelD0%2BiZSYhmsVbU17it9IRP1nzlJbBVJIsF3KXINx4Nf7aoxT5kExuDxGEQdag6yBTbh"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 616
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size:   616
Md5:    10d7bf586c55910e14472f074445d66e
Sha1:   4cb1a38462aaa6455c33620d3515e2180ec51c18
Sha256: 994f7d3ae4bbdd1953466eb68b120bbb50678efabd823d7203fa231ad26e241d
                                        
                                            GET /files/icons/vkicon.png HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 2321
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed17289eed9249-FRA
content-type: image/png
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "551171e9-232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 24 Mar 2015 14:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF7xxH8GysLFV1Ga1bQkyFKVtmKxCigzvKaZRWqqs1a6B%2BtNuUgJLWJ5ZTxB%2BrhBqTOu%2FYcomhNgJUu%2BSfGq0KN7Wn4N0v7jpRgNcrP%2BvWACXee%2BNzJAQAUoBASH"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 562
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size:   562
Md5:    e0d6e511867543a73be0dc1ca8870bf8
Sha1:   8f7e3738e1f07fc830e0ffa9e42544445aeb7d14
Sha256: 761a01b3b7528c2c5864b0e13c7032cf314014b978976f6e0fef85931ce9c7f3
                                        
                                            GET /files/icons/twitticon.png HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed17284dda2307-KBP
content-type: image/png
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "551171e9-1fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 24 Mar 2015 14:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epO1V9VdH9bxl6UQD%2B96r6E2HPQY3u2EdW3kiqOuUZFaOjQSgXKtxN%2BsMUg8hI4pGjrJRaXJP7IMNFCndH5JZEXfSv0WsTvT2SsdT3%2FcN1G4uaBkny9Wd6gkicl4"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 510
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size:   510
Md5:    d64724bbffc395c13118aafdd3f93267
Sha1:   378efe94de6e1ecd52feb9794d487d9414be291f
Sha256: 69a28df33bf74d67c46980cc4e062811572290664eb31dd4305e6c0f72d26ce9
                                        
                                            GET /files/js/js_uJR3Qfgc-bGacxkh36HU9Xm2Q98e_V5UWlFISwie5ro.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 4824
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171e1b4bb392-PRG
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169c-994d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdiscgZUwGb92vce0w7wiJwrXRdILfDeJNlMYQelGZcrUJujn%2Fy8Tds8rWMIHiBjoaN%2F1S10Ggyawp79SNEMLV1WcugKukhtDuJu%2B30jF5vFJ4rtF1RjuE5nJusb"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 39245
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   39245
Md5:    e8c9a87aba21b0242e22c42b133fe10a
Sha1:   74e814963b3b4a2ddd78895b667eec8106d17ea9
Sha256: b8947741f81cf9b19a731921dfa1d4f579b643df1efd5e545a51484b089ee6ba

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /files/js/js_MRdvkC2u4oGsp5wVxBG1pGV5NrCPW3mssHxIn6G9tGE.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 4825
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed17237ba727bc-PRG
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "6230169a-26bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8hJeTMirqhdLKC1RWy72zpoE2S4irQW2DVu4eRy7VqrwMA1I%2F%2BNMlcNQk%2BSIERyCXQe3UvfrZF%2FFwM8IHDfw2c0CTlYJXNxgd7mZD4lGb4YCeFNPoz5LKe4vjYV"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 9917
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   9917
Md5:    89bb6dd779782e2c014d9aba0cd54c7a
Sha1:   3c2c59e359bf67c946e5c67246c7749a9e24a315
Sha256: 31176f902daee281aca79c15c411b5a4657936b08f5b79acb07c489fa1bdb461

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 07:07:15 GMT
Content-Length: 940
Connection: keep-alive
Expires: Tue, 28 Jun 2022 04:38:00 GMT
ETag: "171e9cb70726bb1112788b8036f35b934410b998"
Last-Modified: Fri, 24 Jun 2022 04:38:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2507
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7203a01dcd0f0b45-OSL

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 07:07:15 GMT
Content-Length: 940
Connection: keep-alive
Expires: Tue, 28 Jun 2022 04:38:00 GMT
ETag: "171e9cb70726bb1112788b8036f35b934410b998"
Last-Modified: Fri, 24 Jun 2022 04:38:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2507
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7203a01ddf6cb4eb-OSL

                                        
                                            GET /files/js/js_v0XSAi9yevYQRhfQ8f7Sh_T9BUwlIsYQF193MTNQuAY.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171f8dd424a1-KBP
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169e-124b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BWNvOfiALhzPxyY52p71PeymugRuWhGlNNG1Ts5zEGb2DxyPE2syQDWlTeAbOeXeqFzcjUQ56s2jpv1WE7hGGvkEvXOmnmUAPQHJo96ktsQ4gzNMW62Gr9lqHqZ"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 74932
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   74932
Md5:    bc9fadd5c1466baafa00ffa5f6e17195
Sha1:   9cf7fcfa7b37008042c9537a3fcdaebe14a5f983
Sha256: bf45d2022f727af6104617d0f1fed287f4fd054c2522c610175f77313350b806

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /files/css/css_sdRUVAAU4ZA2TJsmRdGPVhRqeFxagGNxvaSqRcdshQ4.css HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 5395
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed171e0e9d2479-KBP
content-type: text/css;charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "6230169c-236da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Mar 2022 04:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fexPRC0Y9VWGjoD%2BPhIdgs5c5CS6MSg5E6n%2Bw42q49xQI5OM81iW1%2FV9L2XJcmOePMQHxNDx38dbcId25adalCip7DiYDk3T27L0jO6a0ivv4DMt35%2BogyW4K%2F08"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 145114
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   145114
Md5:    32c1c56bcc3b657967232c1bd4cf411c
Sha1:   2aa900156dc758d6145e8c620f461f8cddae553c
Sha256: a519a14df363d390a7b457a0e7e647e8df5c68c2da020f43f7263d7bfad045c4
                                        
                                            GET /sites/all/modules/jquery_update/replace/jquery/1.10/jquery.min.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 6932
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed17220af877b6-KBP
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:57 GMT
etag: "5dd63051-16bb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 21 Nov 2019 06:36:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgBavExb2eXWvp0aH%2Fw0mTwye1onvzlixvgzoAv0K0FoIZrP9mwc93%2BAzchTNVtTEXMtIyeJ%2BvRjiZ%2FyF25RuoXobZoewlBzPRtzyNfgTHSkNZyJVtAadfcQHRIR"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 93107
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32072)
Size:   93107
Md5:    628072e7212db1e8cdacb22b21752cda
Sha1:   0511abe9863c2ea7084efa7e24d1d86c5b3974f1
Sha256: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /sites/all/modules/jquery_update/replace/ui/ui/minified/jquery-ui.min.js HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Cookie: has_js=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 200 OK
                                        
accept-ranges: bytes
age: 6915
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71ed1724c8b32da0-KBP
content-type: application/javascript; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:58 GMT
etag: "5dd63051-37aa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 21 Nov 2019 06:36:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sSxE9NZ5pKyFeNgc64NoPUuZ5memL%2FpUzKurPy1CDKfHB9FLRguxWJM6CShy2rHj9LNEVxIf20GzthUh6u8UBSU2suT5gDEYNIXwlnDD22QNzVnkCDHD6Qb56Zo"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
content-length: 228002
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32127)
Size:   228002
Md5:    3e6acb1e6426ef90d2e786a006a4ea28
Sha1:   326339e0b8ee351a1e706f6b1cba772e64d1ff19
Sha256: 16089a42741acc5fd00ab17da92be9458e8f0029fd645f159e582a7ea0f52ec1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 24 Jun 2022 06:11:58 GMT
Cache-Control: max-age=3600
Expires: Fri, 24 Jun 2022 06:39:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lbovhkQUUJxATnNLGgQAsh6QnhPUxmmW0_qMZXNB_xAzzIKtFQMZcA==
Age: 3318


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4847
Cache-Control: 'max-age=158059'
Date: Fri, 24 Jun 2022 07:07:16 GMT
Last-Modified: Fri, 24 Jun 2022 05:46:29 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 24 Jun 2022 07:07:16 GMT
Content-Length: 941
Connection: keep-alive
Expires: Tue, 28 Jun 2022 03:15:16 GMT
ETag: "ff00e7c2a0b0b2f36ae3b0eb239e7874b2740352"
Last-Modified: Fri, 24 Jun 2022 03:15:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2811
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7203a0231a7a0b45-OSL

                                        
                                            GET /files/icons/blankeralogo.png HTTP/1.1 
Host: blankera.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/files/%D0%91%D0%9B%D0%90%D0%9D%D0%9A_2502.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         185.248.100.58
HTTP/2 404 Not Found
                                        
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 71ed17246cf72d7f-KBP
content-type: text/html; charset=UTF-8
date: Tue, 21 Jun 2022 13:28:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1AnTTogNxEWMHP8VIZje8SFOZBgaNjmDTqU%2BosW0h06z7z1MLM9VjcGXygTz3gqA4ao%2BVuu5vZY6vC8vUKQn91oMd1CHCkGjUtWQCQuGkgKAR8XDfm4%2B8hmNwUo"}],"group":"cf-nel","max_age":604800}
server: Caddy, cloudflare
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-powered-by: PHP/5.4.16
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   72074
Md5:    ec740e6ad019924fe77cb1c7db9a6ec9
Sha1:   61e1330c961cc70b65dd09b400edac3da95cd042
Sha256: 9b01cb4b1e8bd6c42298cf5da15c6a3db744f5e4360606ea2bb16da833a94798
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Alre+8No/I+G6Tu5xnKZAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.86.38.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5RnHxIInlTCqvFsJysPP7qcLTQc=

                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blankera.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
                                        
content-length: 43
date: Fri, 24 Jun 2022 07:07:16 GMT
access-control-allow-origin: *
etag: "62b188ad-2b"
expires: Fri, 24 Jun 2022 08:07:16 GMT
accept-ranges: bytes
last-modified: Tue, 21 Jun 2022 12:00:29 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /watch/26812653?wmode=7&page-url=https%3A%2F%2Fblankera.ru%2Ffiles%2F%25D0%2591%25D0%259B%25D0%2590%25D0%259D%25D0%259A_2502.zip&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30si12g1ti3gy6ga9jkl4%3Afp%3A1461%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A831%3Acn%3A1%3Adp%3A0%3Als%3A391939563715%3Ahid%3A416778535%3Az%3A0%3Ai%3A20220624070712%3Aet%3A1656054432%3Ac%3A1%3Arn%3A426031390%3Arqn%3A1%3Au%3A1656054432741447269%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656054430142%3Ads%3A0%2C70%2C30%2C28%2C389%2C0%2C%2C876%2C26%2C%2C%2C%2C1469%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656054432%3At%3A%D0%A2%D0%B0%D0%BA%D0%BE%D0%B9%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%BD%D0%B5%20%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%7C%20%D0%9E%D0%B1%D1%80%D0%B0%D0%B7%D0%B5%D1%86%20-%20%D0%B1%D0%BB%D0%B0%D0%BD%D0%BA%20-%20%D1%84%D0%BE%D1%80%D0%BC%D0%B0%20-%202020&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blankera.ru
Connection: keep-alive
Referer: https://blankera.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 302 Found
                                        
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fblankera.ru%2Ffiles%2F%25D0%2591%25D0%259B%25D0%2590%25D0%259D%25D0%259A_2502.zip&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30si12g1ti3gy6ga9jkl4%3Afp%3A1461%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A831%3Acn%3A1%3Adp%3A0%3Als%3A391939563715%3Ahid%3A416778535%3Az%3A0%3Ai%3A20220624070712%3Aet%3A1656054432%3Ac%3A1%3Arn%3A426031390%3Arqn%3A1%3Au%3A1656054432741447269%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656054430142%3Ads%3A0%2C70%2C30%2C28%2C389%2C0%2C%2C876%2C26%2C%2C%2C%2C1469%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656054432%3At%3A%D0%A2%D0%B0%D0%BA%D0%BE%D0%B9%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D1%8B%20%D0%BD%D0%B5%20%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D1%82%20%7C%20%D0%9E%D0%B1%D1%80%D0%B0%D0%B7%D0%B5%D1%86%20-%20%D0%B1%D0%BB%D0%B0%D0%BD%D0%BA%20-%20%D1%84%D0%BE%D1%80%D0%BC%D0%B0%20-%202020&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 24 Jun 2022 07:07:16 GMT
access-control-allow-origin: https://blankera.ru
set-cookie: yandexuid=4564885041656054436; Expires=Sat, 24-Jun-2023 07:07:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yuidss=4564885041656054436; Expires=Sat, 24-Jun-2023 07:07:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure yabs-sid=1100233701656054436; Path=/; SameSite=None; Secure i=xwxxdRO7hJnOkS6EYJuPerV/+CW24bWHhGCQDq14HYzE4I/frqu89bNSF70KxactKSUOMGHAo4HhNvh3QC9JWz3D6Bc=; Expires=Mon, 21-Jun-2032 07:07:15 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None ymex=1687590436.yrts.1656054436#1687590436.yrtsi.1656054436; Expires=Sat, 24-Jun-2023 07:07:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Jun-2022 07:07:16 GMT
last-modified: Fri, 24-Jun-2022 07:07:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (318), with no line terminators
Size:   318
Md5:    e33db4b93818bbf8a15979e54cb836e4
Sha1:   7e439b3c3b625a0db896deae9a860c8bc4e39180
Sha256: 1213cd1997fee181ceceef16b75695a5b988c9f3a9c6d3751cf0246265169a7c
                                        
                                            POST /watch/26812653/1?page-url=https%3A%2F%2Fblankera.ru%2Ffiles%2F%25D0%2591%25D0%259B%25D0%2590%25D0%259D%25D0%259A_2502.zip&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30si12g1ti3gy6ga9jkl4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A831%3Acn%3A1%3Adp%3A0%3Als%3A391939563715%3Ahid%3A416778535%3Az%3A0%3Ai%3A20220624070712%3Aet%3A1656054432%3Ac%3A1%3Arn%3A967470043%3Arqn%3A2%3Au%3A1656054432741447269%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656054430142%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2081%2C2081%2C1%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656054432&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 74
Origin: https://blankera.ru
Connection: keep-alive
Referer: https://blankera.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         77.88.21.119
HTTP/2 200 OK
                                        
content-length: 43
date: Fri, 24 Jun 2022 07:07:16 GMT
access-control-allow-origin: https://blankera.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 24-Jun-2022 07:07:16 GMT
last-modified: Fri, 24-Jun-2022 07:07:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2226
Expires: Fri, 24 Jun 2022 07:44:23 GMT
Date: Fri, 24 Jun 2022 07:07:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2226
Expires: Fri, 24 Jun 2022 07:44:23 GMT
Date: Fri, 24 Jun 2022 07:07:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2226
Expires: Fri, 24 Jun 2022 07:44:23 GMT
Date: Fri, 24 Jun 2022 07:07:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2226
Expires: Fri, 24 Jun 2022 07:44:23 GMT
Date: Fri, 24 Jun 2022 07:07:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2226
Expires: Fri, 24 Jun 2022 07:44:23 GMT
Date: Fri, 24 Jun 2022 07:07:17 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ede3b35-ed04-43c1-a89d-1e51e8238519.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8664
x-amzn-requestid: 40eb1eb8-7197-46b8-9b7a-61e6373b723c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T5B8tGPvIAMFfug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ad16b7-7a516cff0c0b97730a5b4e61;Sampled=0
x-amzn-remapped-date: Sat, 18 Jun 2022 00:05:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vSXvgD-0kZKuKUWS-hE-Snn9GZLLeXUsFggWE_nv2aAMgqiB5hN_cg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 4c19973ee1875e6ec362c34e124d0998.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 01:11:45 GMT
age: 21332
etag: "21c3cee9895d0d49ebec760238535178cccf4a3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8664
Md5:    d2e59de119422f4e4cc08572906c9146
Sha1:   21c3cee9895d0d49ebec760238535178cccf4a3d
Sha256: 3fb79d0c34bf27b111e659aa64cc190239c9a17954e2fdd0d353aabaaf845387
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8359c26-0b0d-477d-914c-0c4948ee09c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8025
x-amzn-requestid: c621bd7c-dd02-4b97-974b-6d6c2502890c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1ALFoNoAMF0IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50200-44094570604b86f83300b68c;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:14:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pevLtQFw9J0U3YbN3pVVhgO5QurwciBzVtdgg7IFzsVvSRBsNlBpmw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:27:41 GMT
age: 23976
etag: "11b1d12618c8bde046354aa8988d4639ad7589bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8025
Md5:    18a2d0fff8e4e40a36d692e45af089cb
Sha1:   11b1d12618c8bde046354aa8988d4639ad7589bf
Sha256: 8b345a91bd04afbb59fb0c5b0ca0830614130bf56c13a88889b9c3a69dc8d949
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92d82a42-6b15-49d4-909b-032f805d3c47.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4253
x-amzn-requestid: dc2f230b-d9d9-4d10-af7c-f7c7c92eaad1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1BYHgZoAMFzqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50208-282d2a0d707326a647d17b82;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MsQNllN96JiXwoPPx6dhqZdIz7jsup0Q0VuwbzmYGsscB0uhTsF8Yw==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:48:35 GMT
age: 22722
etag: "e5f4947c997c4d9ba9a1a2b6696aef163655b808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4253
Md5:    d5983f34363faf36540f0fb6806435d8
Sha1:   e5f4947c997c4d9ba9a1a2b6696aef163655b808
Sha256: 31ae38c2c9446152b979340de0c1c43e3e2060ba8abff66dc2e0b5d5f676379e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1749b3b-0d9b-43a1-8965-f7f13602c892.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7281
x-amzn-requestid: ed27e890-50fd-42e3-ae91-6ea788e157f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1BhG8JoAMFppQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50209-479195105ec805f252173f07;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dW71IPIO0pvMPqUTy5s8MzPgXHF-_C0vcvAdZ0QNiMSWcHfSvcznpA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:33:48 GMT
age: 23609
etag: "7de1e1a3d5278c4a95a6c41707de9f42b340df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7281
Md5:    e13f75fbc853ddadb00c907e132f0772
Sha1:   7de1e1a3d5278c4a95a6c41707de9f42b340df9a
Sha256: 495b9150ad122944a29462010c86648c4b9b8a83b70686d1e0557cb93111d2a0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd7f9a35-0e8a-460e-b220-6d735af41155.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8983
x-amzn-requestid: 627a7551-ca6d-4b1b-b794-956df9b5487d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UMz6RHgpoAMFyKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50041-6c9d1ed4728c796230f8630e;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:07:29 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bqEUkBIE90v5mTTgWDVS80-exnhBWN8NLPHX9A28F6uQQ74lG4ZOEw==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:23:18 GMT
age: 24239
etag: "09043e8c1fc47eb1113e4a34da30b3047a73f835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8983
Md5:    eb1d09ebdf227ca72fbb08c09fbb92ae
Sha1:   09043e8c1fc47eb1113e4a34da30b3047a73f835
Sha256: df8bb827f695f360f8b9e8f14b2b45a6af27cb2213808cecff3ea59f75cf66cc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49c3ccce-1ae1-4a47-8d95-aa572c4ceae9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11646
x-amzn-requestid: 3061c5bd-7a81-4f52-a333-fc122a7521a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UM1AKHdVIAMFbVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b50200-23220ada786a596b248d127b;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 00:14:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q2QWHo5LVycJplvw3MVNXWQs2mCsEx6xulLVDD0ywU9NwMdb37QJSQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Jun 2022 00:28:18 GMT
age: 23939
etag: "1a85dce8e73089b14f81c10c492f96eee2cab510"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11646
Md5:    35eb3d6d8ced3eb364e64f0174bd1450
Sha1:   1a85dce8e73089b14f81c10c492f96eee2cab510
Sha256: 5e13e75e2a9f7c7d99e493565d2205ccbcf74f5047dbe450452ab60dd46cb66f